{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 15 SP4 kernel was updated.\n\nThe following security bugs were fixed:\n\n\n- CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).\n- CVE-2022-34918: Fixed a buffer overflow with nft_set_elem_init() that could be used by a local attacker to escalate privileges (bnc#1201171).\n- CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).\n- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).\n- CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).\n- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829).\n- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).\n- CVE-2022-33743: Fixed a Denial of Service related to XDP (bsc#1200763).\n- CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bnc#1199487).\n- CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bnc#1200619).\n- CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)\n- CVE-2022-1012: Fixed information leak caused by small table perturb size in the TCP source port generation algorithm (bsc#1199482).\n- CVE-2022-1998: Fixed a use after free in the file system notify functionality (bnc#1200284).\n- CVE-2022-1966: Fixed a use-after-free vulnerability in the Netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)\n- CVE-2022-1852: Fixed a null-ptr-deref in the kvm module which can lead to DoS. (bsc#1199875)\n- CVE-2022-1789: Fixed a NULL pointer dereference when shadow paging is enabled. (bnc#1199674)\n- CVE-2022-1508: Fixed an out-of-bounds read flaw that could cause the system to crash. (bsc#1198968)\n- CVE-2022-1671: Fixed a null-ptr-deref bugs in net/rxrpc/server_key.c, unprivileged users could easily trigger it via ioctl. (bsc#1199439)\n- CVE-2022-1651: Fixed a bug in ACRN Device Model emulates virtual NICs in VM. This flaw may allow a local privileged attacker to leak kernel unauthorized information and also cause a denial of service problem. (bsc#1199433)\n- CVE-2022-29582: Fixed a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (bnc#1198811)\n- CVE-2022-0494: Fixed a kernel information leak flaw in the scsi_ioctl function. This flaw allowed a local attacker with a special user privilege to create issues with confidentiality. (bnc#1197386)\n- CVE-2021-4204: Fixed a vulnerability that allows local attackers to escalate privileges on affected installations via ebpf. (bnc#1194111)\n- CVE-2022-23222: Fixed a bug that allowed local users to gain privileges. (bnc#1194765)\n- CVE-2022-0264: Fixed a vulnerability in the Linux kernel\u0027s eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. (bnc#1194826)\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)\n- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)\n- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).\n- CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. (bsc#1200019)\n- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).\n- CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).\n- CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505).\n- CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426).\n- CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by simulating an nfc device from user-space. (bsc#1200144)\n- CVE-2022-21499: Reinforce the kernel lockdown feature, until now it\u0027s been trivial to break out of it with kgdb or kdb. (bsc#1199426)\n- CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when mounting and operating on a corrupted image. (bsc#1198577)\n- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory. (bsc#1196830)\n- CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix return value of __setup handlers (git-fixes).\n- ACPI/APEI: Limit printable size of BERT table data (git-fixes).\n- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).\n- ACPI: bus: Avoid using CPPC if not supported by firmware (bsc#1199793).\n- ACPICA: Avoid cache flush inside virtual machines (git-fixes).\n- ACPICA: Avoid walking the ACPI Namespace if it is not there (git-fixes).\n- ACPI: CPPC: Assume no transition latency if no PCCT (git-fixes).\n- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).\n- ACPI: docs: enumeration: Amend PWM enumeration ASL example (git-fixes).\n- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).\n- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).\n- ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).\n- ACPI/IORT: Check node revision for PMCG resources (git-fixes).\n- ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (git-fixes).\n- ACPI: PM: Revert \u0027Only mark EC GPE for wakeup on Intel systems\u0027 (git-fixes).\n- ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE (git-fixes).\n- ACPI: processor idle: Allow playing dead in C3 state (git-fixes).\n- ACPI: processor: idle: Avoid falling back to C3 type C-states (git-fixes).\n- ACPI: processor idle: Check for architectural support for LPI (git-fixes).\n- ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40 (git-fixes).\n- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).\n- ACPI: property: Release subnode properties with data nodes (git-fixes).\n- ACPI: sysfs: Fix BERT error region memory mapping (git-fixes).\n- ACPI: video: Change how we determine if brightness key-presses are handled (git-fixes).\n- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).\n- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).\n- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (git-fixes).\n- aio: Fix incorrect usage of eventfd_signal_allowed() (git-fixes).\n- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).\n- ALSA: core: Add snd_card_free_on_error() helper (git-fixes).\n- ALSA: cs4236: fix an incorrect NULL check on list iterator (git-fixes).\n- ALSA: ctxfi: Add SB046x PCI ID (git-fixes).\n- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).\n- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (git-fixes).\n- ALSA: hda: Add AlderLake-PS variant PCI ID (git-fixes).\n- ALSA: hda: Add PCI and HDMI IDs for Intel Raptor Lake (git-fixes).\n- ALSA: hda: Avoid unsol event during RPM suspending (git-fixes).\n- ALSA: hda/conexant - Fix loopback issue with CX20632 (git-fixes).\n- ALSA: hda/conexant: Fix missing beep setup (git-fixes).\n- ALSA: hda: Fix discovery of i915 graphics PCI device (bsc#1200611).\n- ALSA: hda: Fix driver index handling at re-binding (git-fixes).\n- ALSA: hda: Fix missing codec probe on Shenker Dock 15 (git-fixes).\n- ALSA: hda: Fix regression on forced probe mask option (git-fixes).\n- ALSA: hda: Fix signedness of sscanf() arguments (git-fixes).\n- ALSA: hda - fix unused Realtek function when PM is not enabled (git-fixes).\n- ALSA: hda/hdmi: fix warning about PCM count when used with SOF (git-fixes).\n- ALSA: hda/i915: Fix one too many pci_dev_put() (git-fixes).\n- ALSA: hda/i915 - skip acomp init if no matching display (git-fixes).\n- ALSA: hda: intel-dspcfg: use SOF for UpExtreme and UpExtreme11 boards (git-fixes).\n- ALSA: hda: intel-dsp-config: update AlderLake PCI IDs (git-fixes).\n- ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg (git-fixes).\n- ALSA: hda/realtek: Add alc256-samsung-headphone fixup (git-fixes).\n- ALSA: hda/realtek - Add HW8326 support (git-fixes).\n- ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks (git-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).\n- ALSA: hda/realtek - Add new type for ALC245 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GU603 (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo PD50PNT (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo PD70PNT (git-fixes).\n- ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).\n- ALSA: hda/realtek: Add quirk for Legion Y9000X 2019 (git-fixes).\n- ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers (git-fixes).\n- ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes).\n- ALSA: hda/realtek: Add quirk for TongFang devices with pop noise (git-fixes).\n- ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers (git-fixes).\n- ALSA: hda/realtek - ALC897 headset MIC no sound (git-fixes).\n- ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly (git-fixes).\n- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop (git-fixes).\n- ALSA: hda/realtek: Enable headset mic on Lenovo P360 (git-fixes).\n- ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 (git-fixes).\n- ALSA: hda/realtek: Fix deadlock by COEF mutex (bsc#1195913).\n- ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 2021 (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).\n- ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS (git-fixes).\n- ALSA: hda: realtek: Fix race at concurrent COEF updates (git-fixes).\n- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (git-fixes).\n- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes).\n- ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows (git-fixes).\n- ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) (git-fixes).\n- ALSA: hda: Set max DMA segment size (git-fixes).\n- ALSA: hda: Skip codec shutdown in case the codec is not registered (git-fixes).\n- ALSA: hda/via: Fix missing beep setup (git-fixes).\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- ALSA: memalloc: Fix dma_need_sync() checks (bsc#1195913).\n- ALSA: memalloc: invalidate SG pages before sync (bsc#1195913).\n- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).\n- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).\n- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).\n- ALSA: pcm: Check for null pointer of pointer substream before dereferencing it (git-fixes).\n- ALSA: pcm: Fix races among concurrent hw_params and hw_free calls (git-fixes).\n- ALSA: pcm: Fix races among concurrent prealloc proc writes (git-fixes).\n- ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls (git-fixes).\n- ALSA: pcm: Fix races among concurrent read/write and buffer changes (git-fixes).\n- ALSA: pcm: Test for \u0027silence\u0027 field in struct \u0027pcm_format_data\u0027 (git-fixes).\n- ALSA: spi: Add check for clk_enable() (git-fixes).\n- ALSA: usb-audio: add mapping for MSI MAG X570S Torpedo MAX (git-fixes).\n- ALSA: usb-audio: add mapping for new Corsair Virtuoso SE (git-fixes).\n- ALSA: usb-audio: Add missing ep_idx in fixed EP quirks (git-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).\n- ALSA: usb-audio: Add quirk bits for enabling/disabling generic implicit fb (git-fixes).\n- ALSA: usb-audio: Cancel pending work at closing a MIDI substream (git-fixes).\n- ALSA: usb-audio: Cap upper limits of buffer/period bytes for implicit fb (git-fixes).\n- ALSA: usb-audio: Clear MIDI port active flag after draining (git-fixes).\n- ALSA: usb-audio: Configure sync endpoints before data (git-fixes).\n- ALSA: usb-audio: Correct quirk for VF0770 (git-fixes).\n- ALSA: usb-audio: Do not abort resume upon errors (bsc#1195913).\n- ALSA: usb-audio: Do not get sample rate for MCT Trigger 5 USB-to-HDMI (git-fixes).\n- ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant (git-fixes).\n- ALSA: usb-audio: Increase max buffer size (git-fixes).\n- ALSA: usb-audio: initialize variables that could ignore errors (git-fixes).\n- ALSA: usb-audio: Limit max buffer and period sizes per time (git-fixes).\n- ALSA: usb-audio: Move generic implicit fb quirk entries into quirks.c (git-fixes).\n- ALSA: usb-audio: Optimize TEAC clock quirk (git-fixes).\n- ALSA: usb-audio: Restore Rane SL-1 quirk (git-fixes).\n- ALSA: usb-audio: revert to IMPLICIT_FB_FIXED_DEV for M-Audio FastTrack Ultra (git-fixes).\n- ALSA: usb-audio: Set up (implicit) sync for Saffire 6 (git-fixes).\n- ALSA: usb-audio: Skip generic sync EP parse for secondary EP (git-fixes).\n- ALSA: usb-audio: US16x08: Move overflow check before array access (git-fixes).\n- ALSA: usb-audio: Workaround for clock setup on TEAC devices (git-fixes).\n- ALSA: wavefront: Proper check of get_user() error (git-fixes).\n- ALSA: x86: intel_hdmi_audio: enable pm_runtime and set autosuspend delay (git-fixes).\n- ALSA: x86: intel_hdmi_audio: use pm_runtime_resume_and_get() (git-fixes).\n- alx: acquire mutex for alx_reinit in alx_change_mtu (git-fixes).\n- amd/display: set backlight only if required (git-fixes).\n- arch/arm64: Fix topology initialization for core scheduling (git-fixes).\n- arm64: Add Cortex-A510 CPU part definition (git-fixes).\n- arm64: Add part number for Arm Cortex-A78AE (git-fixes).\n- arm64: Add support for user sub-page fault probing (git-fixes)\n- arm64: alternatives: mark patch_alternative() as `noinstr` (git-fixes).\n- arm64: avoid fixmap race condition when create pud mapping (git-fixes).\n- arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall (git-fixes).\n- arm64: Correct wrong label in macro __init_el2_gicv3 (git-fixes).\n- arm64: defconfig: build imx-sdma as a module (git-fixes).\n- arm64: do not abuse pfn_valid() to ensure presence of linear map (git-fixes).\n- arm64: Do not defer reserve_crashkernel() for platforms with no DMA memory zones (git-fixes).\n- arm64: Do not include __READ_ONCE() block in assembly files (git-fixes).\n- arm64: dts: agilex: use the compatible \u0027intel,socfpga-agilex-hsotg\u0027 (git-fixes).\n- arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias (git-fixes).\n- arm64: dts: broadcom: bcm4908: use proper TWD binding (git-fixes).\n- arm64: dts: broadcom: Fix sata nodename (git-fixes).\n- arm64: dts: imx8mm-beacon: Enable RTS-CTS on UART3 (git-fixes).\n- arm64: dts: imx8mm-venice: fix spi2 pin configuration (git-fixes)\n- arm64: dts: imx8mn-beacon: Enable RTS-CTS on UART3 (git-fixes).\n- arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock (git-fixes)\n- arm64: dts: imx8mn: Fix SAI nodes (git-fixes)\n- arm64: dts: imx8mp-evk: correct eqos pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct gpio-led pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct I2C1 pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct I2C3 pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct mmc pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct the uart2 pinctl value (git-fixes).\n- arm64: dts: imx8mp-evk: correct vbus pad settings (git-fixes).\n- arm64: dts: imx8mp-phyboard-pollux-rdk: correct eqos pad settings (git-fixes).\n- arm64: dts: imx8mp-phyboard-pollux-rdk: correct i2c2 \u0026 mmc settings (git-fixes).\n- arm64: dts: imx8mp-phyboard-pollux-rdk: correct uart pad settings (git-fixes).\n- arm64: dts: imx8mq: fix lcdif port node (git-fixes).\n- arm64: dts: imx8qm: Correct SCU clock controller\u0027s compatible (git-fixes)\n- arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes (git-fixes).\n- arm64: dts: juno: Remove GICv2m dma-range (git-fixes).\n- arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus (git-fixes).\n- arm64: dts: ls1043a: Update i2c dma properties (git-fixes).\n- arm64: dts: ls1046a: Update i2c node dma properties (git-fixes).\n- arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 (git-fixes).\n- arm64: dts: marvell: espressobin-ultra: enable front USB3 port (git-fixes).\n- arm64: dts: marvell: espressobin-ultra: fix SPI-NOR config (git-fixes).\n- arm64: dts: meson-g12: add ATF BL32 reserved-memory region (git-fixes).\n- arm64: dts: meson-g12b-odroid-n2: fix typo \u0027dio2133\u0027 (git-fixes).\n- arm64: dts: meson-g12: drop BL32 region from SEI510/SEI610 (git-fixes).\n- arm64: dts: meson-gx: add ATF BL32 reserved-memory region (git-fixes).\n- arm64: dts: meson: remove CPU opps below 1GHz for G12B boards (git-fixes).\n- arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards (git-fixes).\n- arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO domain for GPIOE_2 (git-fixes).\n- arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO pin labeling for CON1 (git-fixes).\n- arm64: dts: meson-sm1-odroid: fix boot loop after reboot (git-fixes).\n- arm64: dts: meson-sm1-odroid: use correct enable-gpio pin for tf-io regulator (git-fixes).\n- arm64: dts: mt8192: Fix nor_flash status disable typo (git-fixes).\n- arm64: dts: ns2: Fix spi-cpol and spi-cpha property (git-fixes).\n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (git-fixes).\n- arm64: dts: qcom: msm8916-huawei-g7: Clarify installation instructions (git-fixes).\n- arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels count (git-fixes).\n- arm64: dts: qcom: msm8994: Fix CPU6/7 reg values (git-fixes).\n- arm64: dts: qcom: msm8994: Fix the cont_splash_mem address (git-fixes).\n- arm64: dts: qcom: msm8996: Drop flags for mdss irqs (git-fixes).\n- arm64: dts: qcom: msm8996: remove snps,dw-pcie compatibles (git-fixes).\n- arm64: dts: qcom: pm8350c: stop depending on thermal_zones label (git-fixes).\n- arm64: dts: qcom: pmr735a: stop depending on thermal_zones label (git-fixes).\n- arm64: dts: qcom: qrb5165-rb5: Fix can-clock node name (git-fixes).\n- arm64: dts: qcom: sdm845-db845c: add wifi variant property (git-fixes).\n- arm64: dts: qcom: sdm845: Drop flags for mdss irqs (git-fixes).\n- arm64: dts: qcom: sdm845: fix microphone bias properties and values (git-fixes).\n- arm64: dts: qcom: sdm845: remove snps,dw-pcie compatibles (git-fixes).\n- arm64: dts: qcom: sdm845-xiaomi-beryllium: fix typo in panel\u0027s vddio-supply property (git-fixes).\n- arm64: dts: qcom: sm8150: Correct TCS configuration for apps rsc (git-fixes).\n- arm64: dts: qcom: sm8250: Drop flags for mdss irqs (git-fixes).\n- arm64: dts: qcom: sm8250: Fix MSI IRQ for PCIe1 and PCIe2 (git-fixes).\n- arm64: dts: qcom: sm8250: fix PCIe bindings to follow schema (git-fixes).\n- arm64: dts: qcom: sm8350: Correct TCS configuration for apps rsc (git-fixes).\n- arm64: dts: qcom: sm8350: Correct UFS symbol clocks (git-fixes).\n- arm64: dts: qcom: sm8350: Describe GCC dependency clocks (git-fixes).\n- arm64: dts: qcom: sm8350: Shorten camera-thermal-bottom name (git-fixes).\n- arm64: dts: renesas: Fix thermal bindings (git-fixes).\n- arm64: dts: renesas: ulcb-kf: fix wrong comment (git-fixes).\n- arm64: dts: rockchip: align pl330 node name with dtschema (git-fixes).\n- arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity (git-fixes).\n- arm64: dts: rockchip: fix rk3399-puma-haikou USB OTG mode (git-fixes).\n- arm64: dts: rockchip: Fix SDIO regulator supply properties on rk3399-firefly (git-fixes).\n- arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (git-fixes).\n- arm64: dts: rockchip: reorder rk3399 hdmi clocks (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- arm64: dts: ti: j7200-main: Fix \u0027dtbs_check\u0027 serdes_ln_ctrl node (git-fixes).\n- arm64: dts: ti: j721e-main: Fix \u0027dtbs_check\u0027 in serdes_ln_ctrl node (git-fixes).\n- arm64: dts: ti: k3-am64: Fix gic-v3 compatible regs (git-fixes).\n- arm64: dts: ti: k3-am64-main: Remove support for HS400 speed mode (git-fixes).\n- arm64: dts: ti: k3-am64-mcu: remove incorrect UART base clock rates (git-fixes).\n- arm64: dts: ti: k3-am65: Fix gic-v3 compatible regs (git-fixes).\n- arm64: dts: ti: k3-j7200: Fix gic-v3 compatible regs (git-fixes).\n- arm64: dts: ti: k3-j721e: Fix gic-v3 compatible regs (git-fixes).\n- arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs (git-fixes).\n- arm64: Ensure execute-only permissions are not allowed without EPAN (git-fixes)\n- arm64: fix clang warning about TRAMP_VALIAS (git-fixes).\n- arm64: fix types in copy_highpage() (git-fixes).\n- arm64: ftrace: consistently handle PLTs (git-fixes).\n- arm64: ftrace: fix branch range checks (git-fixes).\n- arm64: kasan: fix include error in MTE functions (git-fixes).\n- arm64: kvm: keep the field workaround_flags in structure kvm_vcpu_arch (git-fixes).\n- arm64: Mark start_backtrace() notrace and NOKPROBE_SYMBOL (git-fixes)\n- arm64: mm: Drop \u0027const\u0027 from conditional arm64_dma_phys_limit definition (git-fixes).\n- arm64: mm: fix p?d_leaf() (git-fixes).\n- arm64: module: remove (NOLOAD) from linker script (git-fixes).\n- arm64: mte: Ensure the cleared tags are visible before setting the PTE (git-fixes).\n- arm64: paravirt: Use RCU read locks to guard stolen_time (git-fixes).\n- arm64: patch_text: Fixup last cpu should be master (git-fixes).\n- arm64: prevent instrumentation of bp hardening callbacks (git-fixes).\n- arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (git-fixes).\n- arm64: stackleak: fix current_top_of_stack() (git-fixes).\n- arm64: supported.conf: mark PHY_FSL_IMX8MQ_USB as supported (bsc#1199909)\n- arm64: tegra: Add missing DFLL reset on Tegra210 (git-fixes).\n- arm64: tegra: Adjust length of CCPLEX cluster MMIO region (git-fixes).\n- arm64: Update config files. (bsc#1199909) Add pfuze100 regulator as module\n- arm64: vdso: fix makefile dependency on vdso.so (git-fixes).\n- ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: 9187/1: JIVE: fix return value of __setup handler (git-fixes).\n- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (git-fixes).\n- ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (git-fixes).\n- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (git-fixes).\n- ARM: at91: fix soc detection for SAM9X60 SiPs (git-fixes).\n- ARM: at91: pm: use proper compatible for sama5d2\u0027s rtc (git-fixes).\n- ARM: at91: pm: use proper compatibles for sam9x60\u0027s rtc and rtt (git-fixes).\n- ARM: boot: dts: bcm2711: Fix HVS register range (git-fixes).\n- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (git-fixes).\n- ARM: configs: multi_v5_defconfig: re-enable CONFIG_V4L_PLATFORM_DRIVERS (git-fixes).\n- ARM: configs: multi_v5_defconfig: re-enable DRM_PANEL and FB_xxx (git-fixes).\n- ARM: config: u8500: Re-enable AB8500 battery charging (git-fixes).\n- ARM: davinci: da850-evm: Avoid NULL pointer dereference (git-fixes).\n- ARM: Do not use NOCROSSREFS directive with ld.lld (git-fixes).\n- ARM: dts: am3517-evm: Fix misc pinmuxing (git-fixes).\n- ARM: dts: aspeed: Add ADC for AST2600 and enable for Rainier and Everest (git-fixes).\n- ARM: dts: aspeed: Add secure boot controller node (git-fixes).\n- ARM: dts: aspeed: Add video engine to g6 (git-fixes).\n- ARM: dts: aspeed: ast2600-evb: Enable RX delay for MAC0/MAC1 (git-fixes).\n- ARM: dts: aspeed: Fix AST2600 quad spi group (git-fixes).\n- ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group (git-fixes).\n- ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi (git-fixes).\n- ARM: dts: at91: fix pinctrl phandles (git-fixes).\n- ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek (git-fixes).\n- ARM: dts: at91: sam9x60ek: fix eeprom compatible and size (git-fixes).\n- ARM: dts: at91: sama5d2: Fix PMERRLOC resource size (git-fixes).\n- ARM: dts: at91: sama5d2_icp: fix eeprom compatibles (git-fixes).\n- ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name (git-fixes).\n- ARM: dts: bcm2711: Add the missing L1/L2 cache information (git-fixes).\n- ARM: dts: bcm2711-rpi-400: Fix GPIO line names (git-fixes).\n- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (git-fixes).\n- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (git-fixes).\n- ARM: dts: bcm2837: Add the missing L1/L2 cache information (git-fixes).\n- ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (git-fixes).\n- ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (git-fixes).\n- ARM: dts: BCM5301X: update CRU block description (git-fixes).\n- ARM: dts: BCM5301X: Update pin controller node name (git-fixes).\n- ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks (git-fixes).\n- ARM: dts: dra7: Fix suspend warning for vpe powerdomain (git-fixes).\n- ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (git-fixes).\n- ARM: dts: exynos: add missing HDMI supplies on SMDK5250 (git-fixes).\n- ARM: dts: exynos: add missing HDMI supplies on SMDK5420 (git-fixes).\n- ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 (git-fixes).\n- ARM: dts: Fix boot regression on Skomer (git-fixes).\n- ARM: dts: Fix mmc order for omap3-gta04 (git-fixes).\n- ARM: dts: Fix OpenBMC flash layout label addresses (git-fixes).\n- ARM: dts: Fix timer regression for beagleboard revision c (git-fixes).\n- ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group (git-fixes).\n- ARM: dts: imx6dl-colibri: Fix I2C pinmuxing (git-fixes).\n- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (git-fixes).\n- ARM: dts: imx6qdl: correct PU regulator ramp delay (git-fixes).\n- ARM: dts: imx6qdl-udoo: Properly describe the SD card detect (git-fixes).\n- ARM: dts: imx6ull-colibri: fix vqmmc regulator (git-fixes).\n- ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node (git-fixes).\n- ARM: dts: imx7ulp: Fix \u0027assigned-clocks-parents\u0027 typo (git-fixes).\n- ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk (git-fixes).\n- ARM: dts: imx8mm-venice-gw{71xx,72xx,73xx}: fix OTG controller OC (git-fixes)\n- ARM: dts: imx: Add missing LVDS decoder on M53Menlo (git-fixes).\n- ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 (git-fixes).\n- ARM: dts: meson8b: Fix the UART device-tree schema validation (git-fixes).\n- ARM: dts: meson8: Fix the UART device-tree schema validation (git-fixes).\n- ARM: dts: meson: Fix the UART compatible strings (git-fixes).\n- ARM: dts: ox820: align interrupt controller node name with dtschema (git-fixes).\n- ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 (git-fixes).\n- ARM: dts: qcom: ipq4019: fix sleep clock (git-fixes).\n- ARM: dts: qcom: msm8974: Drop flags for mdss irqs (git-fixes).\n- ARM: dts: qcom: sdx55: fix IPA interconnect definitions (git-fixes).\n- ARM: dts: rockchip: fix a typo on rk3288 crypto-controller (git-fixes).\n- ARM: dts: rockchip: reorder rk322x hmdi clocks (git-fixes).\n- ARM: dts: s5pv210: align DMA channels with dtschema (git-fixes).\n- ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries (git-fixes).\n- ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries (git-fixes).\n- ARM: dts: socfpga: align interrupt controller node name with dtschema (git-fixes).\n- ARM: dts: socfpga: change qspi to \u0027intel,socfpga-qspi\u0027 (git-fixes).\n- ARM: dts: spear1340: Update serial node properties (git-fixes).\n- ARM: dts: spear13xx: Update SPI dma properties (git-fixes).\n- ARM: dts: stm32: fix AV96 board SAI2 pin muxing on stm32mp15 (git-fixes).\n- ARM: dts: stm32: Fix PHY post-reset delay on Avenger96 (git-fixes).\n- ARM: dts: sun8i: v3s: Move the csi1 block to follow address order (git-fixes).\n- ARM: dts: suniv: F1C100: fix watchdog compatible (git-fixes).\n- ARM: dts: switch timer config to common devkit8000 devicetree (git-fixes).\n- ARM: dts: Use 32KiHz oscillator on devkit8000 (git-fixes).\n- ARM: exynos: Fix refcount leak in exynos_map_pmu (git-fixes).\n- ARM: fix build warning in proc-v7-bugs.c (git-fixes).\n- ARM: fix co-processor register typo (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- ARM: Fix refcount leak in axxia_boot_secondary (git-fixes).\n- ARM: fix Thumb2 regression with Spectre BHB (git-fixes).\n- ARM: ftrace: avoid redundant loads or clobbering IP (git-fixes).\n- ARM: ftrace: ensure that ADR takes the Thumb bit into account (git-fixes).\n- ARM: hisi: Add missing of_node_put after of_find_compatible_node (git-fixes).\n- ARM: iop32x: offset IRQ numbers by 1 (git-fixes).\n- ARM: kprobes: Make space for instruction pointer on stack (bsc#1193277).\n- ARM: mediatek: select arch timer for mt7629 (git-fixes).\n- ARM: meson: Fix refcount leak in meson_smp_prepare_cpus (git-fixes).\n- ARM: mmp: Fix failure to remove sram device (git-fixes).\n- ARM: mstar: Select HAVE_ARM_ARCH_TIMER (git-fixes).\n- ARM: mxs_defconfig: Enable the framebuffer (git-fixes).\n- ARM: omap1: ams-delta: remove camera leftovers (git-fixes).\n- ARM: OMAP1: clock: Fix UART rate reporting algorithm (git-fixes).\n- ARM: OMAP2+: adjust the location of put_device() call in omapdss_init_of (git-fixes).\n- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (git-fixes).\n- ARM: OMAP2+: hwmod: Add of_node_put() before break (git-fixes).\n- ARM: pxa: maybe fix gpio lookup tables (git-fixes).\n- ARM: socfpga: fix missing RESET_CONTROLLER (git-fixes).\n- ARM: Spectre-BHB: provide empty stub for non-config (git-fixes).\n- ARM: tegra: tamonten: Fix I2C3 pad setting (git-fixes).\n- ARM: vexpress/spc: Avoid negative array index when !SMP (git-fixes).\n- ASoC: amd: Fix reference to PCM buffer address (git-fixes).\n- ASoC: amd: vg: fix for pm resume callback sequence (git-fixes).\n- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).\n- ASoC: atmel-classd: Remove endianness flag on class d component (git-fixes).\n- ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe (git-fixes).\n- ASoC: atmel: Fix error handling in snd_proto_probe (git-fixes).\n- ASoC: atmel-pdmic: Remove endianness flag on pdmic component (git-fixes).\n- ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek (git-fixes).\n- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).\n- ASoC: codecs: Check for error pointer after calling devm_regmap_init_mmio (git-fixes).\n- ASoC: codecs: lpass-rx-macro: fix sidetone register offsets (git-fixes).\n- ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type (git-fixes).\n- ASoC: codecs: rx-macro: fix accessing compander for aux (git-fixes).\n- ASoC: codecs: va-macro: fix accessing array out of bounds for enum type (git-fixes).\n- ASoC: codecs: wc938x: fix accessing array out of bounds for enum type (git-fixes).\n- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).\n- ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use (git-fixes).\n- ASoC: codecs: wcd934x: fix kcontrol max values (git-fixes).\n- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).\n- ASoC: codecs: wcd938x: fix return value of mixer put function (git-fixes).\n- ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name (git-fixes).\n- ASoC: cs35l36: Update digital volume TLV (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: cs42l51: Correct minimum value for SX volume control (git-fixes).\n- ASoC: cs42l52: Correct TLV for Bypass Volume (git-fixes).\n- ASoC: cs42l52: Fix TLV scales for mixer controls (git-fixes).\n- ASoC: cs42l56: Correct typo in minimum level for SX volume controls (git-fixes).\n- ASoC: cs53l30: Correct number of volume levels on SX controls (git-fixes).\n- ASoC: da7219: Fix change notifications for tone generator frequency (git-fixes).\n- ASoC: dapm: Do not fold register value changes into notifications (git-fixes).\n- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dmaengine: Restore NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).\n- ASoC: es8328: Fix event generation for deemphasis control (git-fixes).\n- ASoC: fsi: Add check for clk_enable (git-fixes).\n- ASoC: fsl: Add missing error handling in pcm030_fabric_probe (git-fixes).\n- ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe (git-fixes).\n- ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (git-fixes).\n- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).\n- ASoC: fsl: Use dev_err_probe() helper (git-fixes).\n- ASoC: hdmi-codec: Fix OOB memory accesses (git-fixes).\n- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).\n- ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408 (git-fixes).\n- ASoC: intel: skylake: Set max DMA segment size (git-fixes).\n- ASoC: Intel: soc-acpi: correct device endpoints for max98373 (git-fixes).\n- ASoC: Intel: sof_sdw: fix quirks for 2022 HP Spectre x360 13\u0027 (git-fixes).\n- ASoC: madera: Add dependencies on MFD (git-fixes).\n- ASoC: max9759: fix underflow in speaker_gain_control_put() (git-fixes).\n- ASoC: max98090: Generate notifications on changes for custom control (git-fixes).\n- ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv() (git-fixes).\n- ASoC: max98090: Reject invalid values in custom control put() (git-fixes).\n- ASoC: max98357a: remove dependency on GPIOLIB (git-fixes).\n- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (git-fixes).\n- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (git-fixes).\n- ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (git-fixes).\n- ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe (git-fixes).\n- ASoC: mediatek: use of_device_get_match_data() (git-fixes).\n- ASoC: meson: Fix event generation for AUI ACODEC mux (git-fixes).\n- ASoC: meson: Fix event generation for AUI CODEC mux (git-fixes).\n- ASoC: meson: Fix event generation for G12A tohdmi mux (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).\n- ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component (git-fixes).\n- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).\n- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).\n- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (git-fixes).\n- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).\n- ASoC: nau8822: Add operation for internal PLL off and on (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_xr_sx() (git-fixes).\n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (git-fixes).\n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: ops: Validate input values in snd_soc_put_volsw_range() (git-fixes).\n- ASoC: qcom: Actually clear DMA interrupt register for HDMI (git-fixes).\n- ASoC: rk3328: fix disabling mclk on pclk probe failure (git-fixes).\n- ASoC: rk817: Fix missing clk_disable_unprepare() in rk817_platform_probe (git-fixes).\n- ASoC: rk817: Use devm_clk_get() in rk817_platform_probe (git-fixes).\n- ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in rockchip_i2s_probe (git-fixes).\n- ASoC: rsnd: care default case on rsnd_ssiu_busif_err_status_clear() (git-fixes).\n- ASoC: rsnd: care return value from rsnd_node_fixed_index() (git-fixes).\n- ASoC: rt1015p: remove dependency on GPIOLIB (git-fixes).\n- ASoC: rt5514: Fix event generation for \u0027DSP Voice Wake Up\u0027 control (git-fixes).\n- ASoC: rt5645: Fix errorenous cleanup order (git-fixes).\n- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).\n- ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- ASoC: samsung: Fix refcount leak in aries_audio_probe (git-fixes).\n- ASoC: samsung: Use dev_err_probe() helper (git-fixes).\n- ASoC: simple-card: fix probe failure on platform component (git-fixes).\n- ASoC: simple-card-utils: Set sysclk on all components (git-fixes).\n- ASoC: soc-compress: Change the check for codec_dai (git-fixes).\n- ASoC: soc-compress: prevent the potentially use of null pointer (git-fixes).\n- ASoC: soc-core: skip zero num_dai component in searching dai name (git-fixes).\n- ASoC: soc-dapm: fix two incorrect uses of list iterator (git-fixes).\n- ASoC: soc-ops: fix error handling (git-fixes).\n- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).\n- ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (git-fixes).\n- ASoC: SOF: hda: Set max DMA segment size (git-fixes).\n- ASoC: SOF: Intel: enable DMI L1 for playback streams (git-fixes).\n- ASoC: SOF: Intel: Fix build error without SND_SOC_SOF_PCI_DEV (git-fixes).\n- ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM (git-fixes).\n- ASoC: SOF: Intel: match sdw version on link_slaves_found (git-fixes).\n- ASoC: SOF: topology: remove redundant code (git-fixes).\n- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).\n- ASoC: tas2770: Insert post reset delay (git-fixes).\n- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).\n- ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* (git-fixes).\n- ASoC: topology: Allow TLV control to be either read or write (git-fixes).\n- ASoC: topology: Correct error handling in soc_tplg_dapm_widget_create() (git-fixes).\n- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).\n- ASoC: tscs454: Add endianness flag in snd_soc_component_driver (git-fixes).\n- ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (git-fixes).\n- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- ASoC: wm8958: Fix change notifications for DSP controls (git-fixes).\n- ASoC: wm8962: Fix suspend while playing music (git-fixes).\n- ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put() (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes (git-fixes).\n- assoc_array: Fix BUG_ON during garbage collect (git-fixes).\n- asus-wmi: Add dgpu disable method (bsc#1198058).\n- asus-wmi: Add egpu enable method (bsc#1198058).\n- asus-wmi: Add panel overdrive functionality (bsc#1198058).\n- asus-wmi: Add support for platform_profile (bsc#1198058).\n- ata: libata: add qc-\u003eflags in ata_qc_complete_template tracepoint (git-fixes).\n- ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs (git-fixes).\n- ata: libata-core: Disable TRIM on M88V29 (git-fixes).\n- ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (git-fixes).\n- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- ata: pata_hpt37x: fix PCI clock detection (git-fixes).\n- ata: pata_marvell: Check the \u0027bmdma_addr\u0027 beforing reading (git-fixes).\n- ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (git-fixes).\n- ata: sata_dwc_460ex: Fix crash due to OOB write (git-fixes).\n- ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).\n- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).\n- ath10k: skip ath10k_halt during suspend for driver state RESTARTING (git-fixes).\n- ath11k: acquire ab-\u003ebase_lock in unassign when finding the peer by addr (git-fixes).\n- ath11k: disable spectral scan during spectral deinit (git-fixes).\n- ath11k: Do not check arvif-\u003eis_started before sending management frames (git-fixes).\n- ath11k: fix kernel panic during unload/load ath11k modules (git-fixes).\n- ath11k: mhi: use mhi_sync_power_up() (git-fixes).\n- ath11k: pci: fix crash on suspend if board file is not found (git-fixes).\n- ath11k: set correct NL80211_FEATURE_DYNAMIC_SMPS for WCN6855 (git-fixes).\n- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).\n- ath9k: fix ar9003_get_eepmisc (git-fixes).\n- ath9k: fix QCA9561 PA bias level (git-fixes).\n- ath9k: Fix usage of driver-private space in tx_info (git-fixes).\n- ath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix (git-fixes).\n- ath9k_htc: fix uninit value bugs (git-fixes).\n- ath9k: Properly clear TX status area before reporting to mac80211 (git-fixes).\n- atl1c: fix tx timeout after link flap on Mikrotik 10/25G NIC (git-fixes).\n- atm: eni: Add check for dma_map_single (git-fixes).\n- atm: firestream: check the return value of ioremap() in fs_init() (git-fixes).\n- atomics: Fix atomic64_{read_acquire,set_release} fallbacks (git-fixes).\n- audit: ensure userspace is penalized the same as the kernel when under pressure (git-fixes).\n- audit: improve audit queue handling when \u0027audit=1\u0027 on cmdline (git-fixes).\n- audit: improve robustness of the audit queue handling (git-fixes).\n- auxdisplay: lcd2s: Fix lcd2s_redefine_char() feature (git-fixes).\n- auxdisplay: lcd2s: Fix memory leak in -\u003eremove() (git-fixes).\n- auxdisplay: lcd2s: Use proper API to free the instance of charlcd object (git-fixes).\n- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).\n- ax25: improve the incomplete fix to avoid UAF and NPD bugs (git-fixes).\n- b43: Fix assigning negative value to unsigned variable (git-fixes).\n- b43legacy: Fix assigning negative value to unsigned variable (git-fixes).\n- bareudp: use ipv6_mod_enabled to check if IPv6 enabled (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Do not skb_split skbuffs with frag_list (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- bcache: avoid journal no-space deadlock by reserving 1 journal bucket (git-fixes).\n- bcache: avoid unnecessary soft lockup in kworker update_writeback_rate() (bsc#1197362).\n- bcache: fixup multiple threads crash (git-fixes).\n- bcache: fix use-after-free problem in bcache_device_free() (git-fixes).\n- bcache: improve multithreaded bch_btree_check() (git-fixes).\n- bcache: improve multithreaded bch_sectors_dirty_init() (git-fixes).\n- bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() (git-fixes).\n- bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() (git-fixes).\n- bfq: Allow current waker to defend against a tentative one (bsc#1195915).\n- bfq: Avoid false marking of bic as stably merged (bsc#1197926).\n- bfq: Avoid merging queues with different parents (bsc#1197926).\n- bfq: Do not let waker requests skip proper accounting (bsc#1184318).\n- bfq: Drop pointless unlock-lock pair (bsc#1197926).\n- bfq: Fix warning in bfqq_request_over_limit() (bsc#1200812).\n- bfq: Get rid of __bio_blkcg() usage (bsc#1197926).\n- bfq: Limit number of requests consumed by each cgroup (bsc#1184318).\n- bfq: Limit waker detection in time (bsc#1184318).\n- bfq: Make sure bfqg for which we are queueing requests is online (bsc#1197926).\n- bfq: Relax waker detection for shared queues (bsc#1184318).\n- bfq: Remove pointless bfq_init_rq() calls (bsc#1197926).\n- bfq: Split shared queues on move between cgroups (bsc#1197926).\n- bfq: Store full bitmap depth in bfq_data (bsc#1184318).\n- bfq: Track number of allocated requests in bfq_entity (bsc#1184318).\n- bfq: Track whether bfq_group is still online (bsc#1197926).\n- bfq: Update cgroup information before merging bio (bsc#1197926).\n- binfmt_flat: do not stop relocating GOT entries prematurely on riscv (git-fixes).\n- bitfield: add explicit inclusions to the example (git-fixes).\n- blkcg: Remove extra blkcg_bio_issue_init (bsc#1194585).\n- blk-cgroup: move blkcg_{get,set}_fc_appid out of line (bsc#1200045).\n- blk-cgroup: set blkg iostat after percpu stat aggregation (bsc#1198018).\n- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (bsc#1200825).\n- blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() (bsc#1198034).\n- blk-mq: do not touch -\u003etagset in blk_mq_get_sq_hctx (bsc#1200824).\n- blk-mq: do not update io_ticks with passthrough requests (bsc#1200816).\n- blk-mq: fix tag_get wait task can\u0027t be awakened (bsc#1200263).\n- blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#1200263).\n- blktrace: fix use after free for struct blk_trace (bsc#1198017).\n- block: assign bi_bdev for cloned bios in blk_rq_prep_clone (bsc#1198016).\n- block: avoid to quiesce queue in elevator_init_mq (bsc#1198013).\n- block, bfq: fix UAF problem in bfqg_stats_init() (bsc#1194583).\n- block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes).\n- block: Check ADMIN before NICE for IOPRIO_CLASS_RT (bsc#1198012).\n- block: do not delete queue kobject before its children (bsc#1198019).\n- block: do not merge across cgroup boundaries if blkcg is enabled (bsc#1198020).\n- block: fix async_depth sysfs interface for mq-deadline (bsc#1198015).\n- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (bsc#1200259).\n- block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (git-fixes).\n- block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586).\n- block: Fix the maximum minor value is blk_alloc_ext_minor() (bsc#1198021).\n- block: Fix up kabi after blkcg merge fix (bsc#1198020).\n- block: Hold invalidate_lock in BLKRESETZONE ioctl (bsc#1198010).\n- block: limit request dispatch loop duration (bsc#1198022).\n- block/mq-deadline: Improve request accounting further (bsc#1198009).\n- block: Provide blk_mq_sched_get_icq() (bsc#1184318).\n- block: update io_ticks when io hang (bsc#1197817).\n- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).\n- Bluetooth: btintel: Fix WBS setting for Intel legacy ROM products (git-fixes).\n- Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (git-fixes).\n- Bluetooth: btusb: Add another Realtek 8761BU (git-fixes).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- Bluetooth: btusb: Add one more Bluetooth part for the Realtek RTL8852AE (git-fixes).\n- Bluetooth: btusb: Whitespace fixes for btusb_setup_csr() (git-fixes).\n- Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed (git-fixes).\n- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (git-fixes).\n- Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg} (git-fixes).\n- Bluetooth: Fix the creation of hdev-\u003ename (git-fixes).\n- Bluetooth: Fix use after free in hci_send_acl (git-fixes).\n- Bluetooth: hci_qca: Use del_timer_sync() before freeing (git-fixes).\n- Bluetooth: hci_serdev: call init_rwsem() before p-\u003eopen() (git-fixes).\n- Bluetooth: use hdev lock for accept_list and reject_list in conn req (git-fixes).\n- Bluetooth: use hdev lock in activate_scan for hci_is_adv_monitoring (git-fixes).\n- Bluetooth: use memset avoid memory leaks (git-fixes).\n- bnx2x: fix napi API usage sequence (bsc#1198217).\n- bnxt_en: Do not destroy health reporters during reset (bsc#1199736).\n- bnxt_en: Eliminate unintended link toggle during FW reset (bsc#1199736).\n- bnxt_en: Fix active FEC reporting to ethtool (git-fixes).\n- bnxt_en: Fix devlink fw_activate (jsc#SLE-18978).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag (git-fixes).\n- bnxt_en: Fix unnecessary dropping of RX packets (git-fixes).\n- bnxt_en: Increase firmware message response DMA wait time (git-fixes).\n- bnxt_en: Prevent XDP redirect from running when stopping TX queue (git-fixes).\n- bnxt_en: reserve space inside receive page for skb_shared_info (git-fixes).\n- bnxt_en: Restore the resets_reliable flag in bnxt_open() (jsc#SLE-18978).\n- bnxt_en: Synchronize tx when xdp redirects happen on same ring (git-fixes).\n- bonding: fix data-races around agg_select_timer (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- bonding: pair enable_port with slave_arr_updates (git-fixes).\n- bpf: Add check_func_arg_reg_off function (git-fixes).\n- bpf: add config to allow loading modules with BTF mismatches (bsc#1194501).\n- bpf: Avoid races in __bpf_prog_run() for 32bit arches (git-fixes).\n- bpf: Disallow negative offset in check_ptr_off_reg (git-fixes).\n- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).\n- bpf: Fix kernel address leakage in atomic cmpxchg\u0027s r0 aux reg (git-fixes).\n- bpf: Fix PTR_TO_BTF_ID var_off check (git-fixes).\n- bpf: Fix UAF due to race between btf_try_get_module and load_module (git-fixes).\n- bpf: Mark PTR_TO_FUNC register initially with zero offset (git-fixes).\n- bpf: Resolve to prog-\u003eaux-\u003edst_prog-\u003etype only for BPF_PROG_TYPE_EXT (git-fixes).\n- bpf: selftests: adapt bpf_iter_task_vma to get_inode_dev() (bsc#1198585).\n- bpf, selftests: Fix racing issue in btf_skc_cls_ingress test (git-fixes).\n- bpf, selftests: Update test case for atomic cmpxchg on r0 with pointer (git-fixes).\n- bpftool: Fix memory leak in prog_dump() (git-fixes).\n- bpftool: Remove inclusion of utilities.mak from Makefiles (git-fixes).\n- bpftool: Remove unused includes to bpf/bpf_gen_internal.h (git-fixes).\n- bpftool: Remove useless #include to perf-sys.h from map_perf_ring.c (git-fixes).\n- brcmfmac: firmware: Allocate space for default boardrev in nvram (git-fixes).\n- brcmfmac: firmware: Fix crash in brcm_alt_fw_path (git-fixes).\n- brcmfmac: pcie: Declare missing firmware files in pcie.c (git-fixes).\n- brcmfmac: pcie: Fix crashes due to early IRQs (git-fixes).\n- brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path (git-fixes).\n- brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio (git-fixes).\n- brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant (git-fixes).\n- btrfs: add a BTRFS_FS_ERROR helper (bsc#1197915).\n- btrfs: add btrfs_set_item_*_nr() helpers (bsc#1197915).\n- btrfs: add helper to truncate inode items when logging inode (bsc#1197915).\n- btrfs: add missing run of delayed items after unlink during log replay (bsc#1197915).\n- btrfs: add ro compat flags to inodes (bsc#1197915).\n- btrfs: always update the logged transaction when logging new names (bsc#1197915).\n- btrfs: assert that extent buffers are write locked instead of only locked (bsc#1197915).\n- btrfs: avoid attempt to drop extents when logging inode for the first time (bsc#1197915).\n- btrfs: avoid expensive search when dropping inode items from log (bsc#1197915).\n- btrfs: avoid expensive search when truncating inode items from the log (bsc#1197915).\n- btrfs: Avoid live-lock in search_ioctl() on hardware with sub-page (git-fixes)\n- btrfs: avoid search for logged i_size when logging inode if possible (bsc#1197915).\n- btrfs: avoid unnecessarily logging directories that had no changes (bsc#1197915).\n- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1197915).\n- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1197915).\n- btrfs: change error handling for btrfs_delete_*_in_log (bsc#1197915).\n- btrfs: change handle_fs_error in recover_log_trees to aborts (bsc#1197915).\n- btrfs: check if a log tree exists at inode_logged() (bsc#1197915).\n- btrfs: constify and cleanup variables in comparators (bsc#1197915).\n- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1197915).\n- btrfs: do not log new dentries when logging that a new name exists (bsc#1197915).\n- btrfs: do not pin logs too early during renames (bsc#1197915).\n- btrfs: drop the _nr from the item helpers (bsc#1197915).\n- btrfs: eliminate some false positives when checking if inode was logged (bsc#1197915).\n- btrfs: factor out the copying loop of dir items from log_dir_items() (bsc#1197915).\n- btrfs: fix lost prealloc extents beyond eof after full fsync (bsc#1197915).\n- btrfs: fix lzo_decompress_bio() kmap leakage (bsc#1193852).\n- btrfs: fix memory leak in __add_inode_ref() (bsc#1197915).\n- btrfs: fix missing last dir item offset update when logging directory (bsc#1197915).\n- btrfs: fix re-dirty process of tree-log nodes (bsc#1197915).\n- btrfs: improve the batch insertion of delayed items (bsc#1197915).\n- btrfs: insert items in batches when logging a directory when possible (bsc#1197915).\n- btrfs: introduce btrfs_lookup_match_dir (bsc#1197915).\n- btrfs: introduce item_nr token variant helpers (bsc#1197915).\n- btrfs: keep track of the last logged keys when logging a directory (bsc#1197915).\n- btrfs: loop only once over data sizes array when inserting an item batch (bsc#1197915).\n- btrfs: make btrfs_file_extent_inline_item_len take a slot (bsc#1197915).\n- btrfs: only copy dir index keys when logging a directory (bsc#1197915).\n- btrfs: remove no longer needed checks for NULL log context (bsc#1197915).\n- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1197915).\n- btrfs: remove no longer needed logic for replaying directory deletes (bsc#1197915).\n- btrfs: remove redundant log root assignment from log_dir_items() (bsc#1197915).\n- btrfs: remove root argument from add_link() (bsc#1197915).\n- btrfs: remove root argument from btrfs_log_inode() and its callees (bsc#1197915).\n- btrfs: remove root argument from btrfs_unlink_inode() (bsc#1197915).\n- btrfs: remove root argument from check_item_in_log() (bsc#1197915).\n- btrfs: remove root argument from drop_one_dir_item() (bsc#1197915).\n- btrfs: remove the btrfs_item_end() helper (bsc#1197915).\n- btrfs: remove unnecessary list head initialization when syncing log (bsc#1197915).\n- btrfs: remove unneeded return variable in btrfs_lookup_file_extent (bsc#1197915).\n- btrfs: rename btrfs_item_end_nr to btrfs_item_data_end (bsc#1197915).\n- btrfs: stop doing GFP_KERNEL memory allocations in the ref verify tool (bsc#1197915).\n- btrfs: unexport setup_items_for_insert() (bsc#1197915).\n- btrfs: unify lookup return value when dir entry is missing (bsc#1197915).\n- btrfs: update comment at log_conflicting_inodes() (bsc#1197915).\n- btrfs: use btrfs_item_size_nr/btrfs_item_offset_nr everywhere (bsc#1197915).\n- btrfs: use btrfs_next_leaf instead of btrfs_next_item when slots \u003e nritems (bsc#1197915).\n- btrfs: use single bulk copy operations when logging directories (bsc#1197915).\n- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (git-fixes).\n- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (git-fixes).\n- bus: ti-sysc: Fix warnings for unbind for serial (git-fixes).\n- bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific (git-fixes).\n- caif_virtio: fix race between virtio_device_ready() and ndo_open() (git-fixes).\n- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: etas_es58x: change opened_channel_cnt\u0027s type from atomic_t to u8 (git-fixes).\n- can: etas_es58x: es58x_fd_rx_event_msg(): initialize rx_event_msg before calling es58x_check_msg_len() (git-fixes).\n- can: grcan: grcan_close(): fix deadlock (git-fixes).\n- can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (git-fixes).\n- can: grcan: only use the NAPI poll budget for RX (git-fixes).\n- can: grcan: use ofdev-\u003edev when allocating DMA memory (git-fixes).\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- can: isotp: fix error path in isotp_sendmsg() to unlock wait queue (git-fixes).\n- can: isotp: fix potential CAN frame reception race in isotp_rcv() (git-fixes).\n- can: isotp: restore accidentally removed MSG_PEEK feature (git-fixes).\n- can: isotp: return -EADDRNOTAVAIL when reading from unbound socket (git-fixes).\n- can: isotp: set default value for N_As to 50 micro seconds (git-fixes).\n- can: isotp: stop timeout monitoring when no first frame was sent (git-fixes).\n- can: isotp: support MSG_TRUNC flag when reading from socket (git-fixes).\n- can: m_can: m_can_tx_handler(): fix use after free of skb (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).\n- can: mcba_usb: properly check endpoint type (git-fixes).\n- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix return of error value (git-fixes).\n- can: mcp251xfd: silence clang\u0027s -Wunaligned-access warning (git-fixes).\n- can: rcar_canfd: add __maybe_unused annotation to silence warning (git-fixes).\n- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).\n- can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: xilinx_can: mark bit timing constants as const (git-fixes).\n- carl9170: fix missing bit-wise or operator for tx_params (git-fixes).\n- carl9170: tx: fix an incorrect use of list iterator (git-fixes).\n- CDC-NCM: avoid overflow in sanity checking (git-fixes).\n- ceph: fix setting of xattrs on async created inodes (bsc#1199611).\n- certs/blacklist_hashes.c: fix const confusion in certs blacklist (git-fixes).\n- cfg80211: declare MODULE_FIRMWARE for regulatory.db (git-fixes).\n- cfg80211: do not add non transmitted BSS to 6GHz scanned channels (git-fixes).\n- cfg80211: fix race in netlink owner interface destruction (git-fixes).\n- cfg80211: hold bss_lock while updating nontrans_list (git-fixes).\n- cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug (bsc#1196869).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (bsc#1199839).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- char: tpm: cr50_i2c: Suppress duplicated error message in .remove() (git-fixes).\n- char: xillybus: fix a refcount leak in cleanup_dev() (git-fixes).\n- cifs: add WARN_ON for when chan_count goes below minimum (bsc#1193629).\n- cifs: adjust DebugData to use chans_need_reconnect for conn status (bsc#1193629).\n- cifs: alloc_path_with_tree_prefix: do not append sep. if the path is empty (bsc#1193629).\n- cifs: avoid parallel session setups on same channel (bsc#1193629).\n- cifs: avoid race during socket reconnect between send and recv (bsc#1193629).\n- cifs: call cifs_reconnect when a connection is marked (bsc#1193629).\n- cifs: call helper functions for marking channels for reconnect (bsc#1193629).\n- cifs: change smb2_query_info_compound to use a cached fid, if available (bsc#1193629).\n- cifs: check for smb1 in open_cached_dir() (bsc#1193629).\n- cifs: check reconnects for channels of active tcons too (bsc#1193629).\n- cifs: Check the IOCB_DIRECT flag, not O_DIRECT (bsc#1193629).\n- cifs: cifs_ses_mark_for_reconnect should also update reconnect bits (bsc#1193629).\n- cifs: clean up an inconsistent indenting (bsc#1193629).\n- cifs: convert the path to utf16 in smb2_query_info_compound (bsc#1193629).\n- cifs: destage any unwritten data to the server before calling copychunk_write (bsc#1193629).\n- cifs: do not build smb1ops if legacy support is disabled (bsc#1193629).\n- cifs: do not call cifs_dfs_query_info_nonascii_quirk() if nodfs was set (bsc#1193629).\n- cifs: do not skip link targets when an I/O fails (bsc#1194625).\n- cifs: do not use tcpStatus after negotiate completes (bsc#1193629).\n- cifs: do not use uninitialized data in the owner/group sid (bsc#1193629).\n- cifs: fix bad fids sent over wire (bsc#1197157).\n- cifs: fix confusing unneeded warning message on smb2.1 and earlier (bsc#1193629).\n- cifs: fix double free race when mount fails in cifs_get_root() (bsc#1193629).\n- cifs: fix FILE_BOTH_DIRECTORY_INFO definition (bsc#1193629).\n- cifs: fix handlecache and multiuser (bsc#1193629).\n- cifs: fix hang on cifs_get_next_mid() (bsc#1193629).\n- cifs: fix incorrect use of list iterator after the loop (bsc#1193629).\n- cifs: fix minor compile warning (bsc#1193629).\n- cifs: fix NULL ptr dereference in refresh_mounts() (bsc#1193629).\n- cifs: fix potential deadlock in direct reclaim (bsc#1193629).\n- cifs: fix potential double free during failed mount (bsc#1193629).\n- cifs: fix potential race with cifsd thread (bsc#1193629).\n- cifs: fix set of group SID via NTSD xattrs (bsc#1193629).\n- cifs: fix signed integer overflow when fl_end is OFFSET_MAX (bsc#1193629).\n- cifs: Fix smb311_update_preauth_hash() kernel-doc comment (bsc#1193629).\n- cifs: fix the cifs_reconnect path for DFS (bsc#1193629).\n- cifs: fix the connection state transitions with multichannel (bsc#1193629).\n- cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share (bsc#1193629).\n- cifs: fix workstation_name for multiuser mounts (bsc#1193629).\n- cifs: force new session setup and tcon for dfs (bsc#1193629).\n- cifs: free ntlmsspblob allocated in negotiate (bsc#1193629).\n- cifs: maintain a state machine for tcp/smb/tcon sessions (bsc#1193629).\n- cifs: make status checks in version independent callers (bsc#1193629).\n- cifs: mark sessions for reconnection in helper function (bsc#1193629).\n- cifs: modefromsids must add an ACE for authenticated users (bsc#1193629).\n- cifs: move definition of cifs_fattr earlier in cifsglob.h (bsc#1193629).\n- cifs: move superblock magic defitions to magic.h (bsc#1193629).\n- cifs: potential buffer overflow in handling symlinks (bsc#1193629).\n- cifs: print TIDs as hex (bsc#1193629).\n- cifs: protect all accesses to chan_* with chan_lock (bsc#1193629).\n- cifs: quirk for STATUS_OBJECT_NAME_INVALID returned for non-ASCII dfs refs (bsc#1193629).\n- cifs: reconnect only the connection and not smb session where possible (bsc#1193629).\n- cifs: release cached dentries only if mount is complete (bsc#1193629).\n- cifs: remove check of list iterator against head past the loop body (bsc#1193629).\n- cifs: remove redundant assignment to pointer p (bsc#1193629).\n- cifs: remove repeated debug message on cifs_put_smb_ses() (bsc#1193629).\n- cifs: remove repeated state change in dfs tree connect (bsc#1193629).\n- cifs: remove unused variable ses_selected (bsc#1193629).\n- cifs: return ENOENT for DFS lookup_cache_entry() (bsc#1193629).\n- cifs: return the more nuanced writeback error on close() (bsc#1193629).\n- cifs: serialize all mount attempts (bsc#1193629).\n- cifs: set the CREATE_NOT_FILE when opening the directory in use_cached_dir() (bsc#1193629).\n- cifs: skip trailing separators of prefix paths (bsc#1193629).\n- cifs: smbd: fix typo in comment (bsc#1193629).\n- cifs: Split the smb3_add_credits tracepoint (bsc#1193629).\n- cifs: take cifs_tcp_ses_lock for status checks (bsc#1193629).\n- cifs: track individual channel status using chans_need_reconnect (bsc#1193629).\n- cifs: unlock chan_lock before calling cifs_put_tcp_session (bsc#1193629).\n- cifs: update internal module number (bsc#1193629).\n- cifs: update tcpStatus during negotiate and sess setup (bsc#1193629).\n- cifs: use a different reconnect helper for non-cifsd threads (bsc#1193629).\n- cifs: use correct lock type in cifs_reconnect() (bsc#1193629).\n- cifs: Use kzalloc instead of kmalloc/memset (bsc#1193629).\n- cifs: use new enum for ses_status (bsc#1193629).\n- cifs: use the chans_need_reconnect bitmap for reconnect status (bsc#1193629).\n- cifs: verify that tcon is valid before dereference in cifs_kill_sb (bsc#1193629).\n- cifs: version operations for smb20 unneeded when legacy support disabled (bsc#1193629).\n- cifs: we do not need a spinlock around the tree access during umount (bsc#1193629).\n- cifs: when extending a file with falloc we should make files not-sparse (bsc#1193629).\n- cifs: writeback fix (bsc#1193629).\n- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: at91: generated: consider range when calculating best rate (git-fixes).\n- clk: at91: sama7g5: fix parents of PDMCs\u0027 GCLK (git-fixes).\n- clk: bcm2835: fix bcm2835_clock_choose_div (git-fixes).\n- clk: bcm2835: Remove unused variable (git-fixes).\n- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: Enforce that disjoints limits are invalid (git-fixes).\n- clk: Fix clk_hw_get_clk() when dev is NULL (git-fixes).\n- clk: hisilicon: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).\n- clk: imx8mp: fix usb_root_clk parent (git-fixes).\n- clk: imx: Add check for kcalloc (git-fixes).\n- clk: imx: off by one in imx_lpcg_parse_clks_from_dt() (git-fixes).\n- clk: imx: scu: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).\n- clk: Initialize orphan req_rate (git-fixes).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: nxp: Remove unused variable (git-fixes).\n- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).\n- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).\n- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).\n- clk: qcom: ipq8074: fix PCI-E clock oops (git-fixes).\n- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).\n- clk: renesas: r9a06g032: Fix the RTC hclock description (git-fixes).\n- clk: rockchip: drop CLK_SET_RATE_PARENT from dclk_vop* on rk3568 (git-fixes).\n- clk: si5341: fix reported clk_rate when output divider is 2 (git-fixes).\n- clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (git-fixes).\n- clk: tegra: Add missing reset deassertion (git-fixes).\n- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).\n- clk: ti: Preserve node in ti_dt_clocks_register() (git-fixes).\n- clk: uniphier: Fix fixed-rate initialization (git-fixes).\n- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).\n- clocksource/drivers/exynos_mct: Handle DTS with higher number of interrupts (git-fixes).\n- clocksource/drivers/exynos_mct: Refactor resources allocation (git-fixes).\n- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (git-fixes).\n- clocksource/drivers/sp804: Avoid error on multiple instances (git-fixes).\n- clocksource/drivers/timer-microchip-pit64b: Use notrace (git-fixes).\n- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).\n- clocksource/drivers/timer-ti-dm: Fix regression from errata i940 fix (git-fixes).\n- clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() (bsc#1201218).\n- comedi: drivers: ni_routes: Use strcmp() instead of memcmp() (git-fixes).\n- comedi: vmk80xx: fix expression for tx buffer size (git-fixes).\n- copy_process(): Move fd_install() out of sighand-\u003esiglock critical section (bsc#1199626).\n- cpufreq: intel_pstate: Add Ice Lake server to out-of-band IDs (bsc#1201228).\n- cpufreq: qcom-cpufreq-nvmem: fix reading of PVS Valid fuse (git-fixes).\n- cpuidle,intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE (git-fixes).\n- cpuidle: intel_idle: Update intel_idle() kerneldoc comment (git-fixes).\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- crypto: amlogic - call finalize with bh disabled (git-fixes).\n- crypto: api - Move cryptomgr soft dependency into algapi (git-fixes).\n- crypto: arm/aes-neonbs-cbc - Select generic cbc and aes (git-fixes).\n- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).\n- crypto: caam - fix i.MX6SX entropy delay value (git-fixes).\n- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).\n- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).\n- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).\n- crypto: ccree - Fix use after free in cc_cipher_exit() (git-fixes).\n- crypto: ccree - use fine grained DMA mapping dir (git-fixes).\n- crypto: cryptd - Protect per-CPU resource by disabling BH (git-fixes).\n- crypto: ecrdsa - Fix incorrect use of vli_cmp (git-fixes).\n- crypto: engine - check if BH is disabled during completion (git-fixes).\n- crypto: gemini - call finalize with bh disabled (git-fixes).\n- crypto: hisilicon/qm - cleanup warning in qm_vf_read_qos (git-fixes).\n- crypto: hisilicon/sec - fix the aead software fallback for engine (git-fixes).\n- crypto: hisilicon/sec - not need to enable sm4 extra mode at HW V3 (git-fixes).\n- crypto: marvell/cesa - ECB does not IV (git-fixes).\n- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).\n- crypto: octeontx2 - remove CONFIG_DM_CRYPT check (git-fixes).\n- crypto: qat - disable registration of algorithms (git-fixes).\n- crypto: qat - do not cast parameter in bit operations (git-fixes).\n- crypto: qcom-rng - ensure buffer for generate is completely filled (git-fixes).\n- crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ (git-fixes).\n- crypto: rockchip - ECB does not need IV (git-fixes).\n- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).\n- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).\n- crypto: rsa-pkcs1pad - only allow with rsa (git-fixes).\n- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).\n- crypto: stm32 - fix reference leak in stm32_crc_remove (git-fixes).\n- crypto: sun8i-ce - call finalize with bh disabled (git-fixes).\n- crypto: sun8i-ss - call finalize with bh disabled (git-fixes).\n- crypto: sun8i-ss - handle zero sized sg (git-fixes).\n- crypto: sun8i-ss - really disable hash on A80 (git-fixes).\n- crypto: sun8i-ss - rework handling of IV (git-fixes).\n- crypto: vmx - add missing dependencies (git-fixes).\n- crypto: x86/chacha20 - Avoid spurious jumps to other functions (git-fixes).\n- crypto: x86 - eliminate anonymous module_init and module_exit (git-fixes).\n- crypto: xts - Add softdep on ecb (git-fixes).\n- dax: fix cache flush on PMD-mapped pages (bsc#1200830).\n- devlink: Add \u0027enable_iwarp\u0027 generic device param (bsc#1200502).\n- dim: initialize all struct fields (git-fixes).\n- display/amd: decrease message verbosity about watermarks table failure (git-fixes).\n- dma: at_xdmac: fix a missing check on list iterator (git-fixes).\n- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace (git-fixes).\n- dma-buf: heaps: Fix potential spectre v1 gadget (git-fixes).\n- dma-debug: fix return value of __setup handlers (git-fixes).\n- dma-direct: avoid redundant memory sync for swiotlb (git-fixes).\n- dmaengine: dw-edma: Fix unaligned 64bit access (git-fixes).\n- dmaengine: hisi_dma: fix MSI allocate fail when reload hisi_dma (git-fixes).\n- dmaengine: idxd: add missing callback function to support DMA_INTERRUPT (git-fixes).\n- dmaengine: idxd: add RO check for wq max_batch_size write (git-fixes).\n- dmaengine: idxd: add RO check for wq max_transfer_size write (git-fixes).\n- dmaengine: idxd: check GENCAP config support for gencfg register (git-fixes).\n- dmaengine: idxd: fix device cleanup on disable (git-fixes).\n- dmaengine: idxd: Fix the error handling path in idxd_cdev_register() (git-fixes).\n- dmaengine: idxd: restore traffic class defaults after wq reset (git-fixes).\n- dmaengine: idxd: set DMA_INTERRUPT cap bit (git-fixes).\n- dmaengine: idxd: skip clearing device context when device is read-only (git-fixes).\n- dmaengine: imx-sdma: Fix error checking in sdma_event_remap (git-fixes).\n- dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources (git-fixes).\n- dmaengine: ptdma: fix concurrency issue with multiple dma transfer (jsc#SLE-21315).\n- dmaengine: ptdma: Fix the error handling path in pt_core_init() (git-fixes).\n- dmaengine: ptdma: handle the cases based on DMA is complete (jsc#SLE-21315).\n- dmaengine: Revert \u0027dmaengine: shdma: Fix runtime PM imbalance on error\u0027 (git-fixes).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- dmaengine: sh: rcar-dmac: Check for error num after dma_set_max_seg_size (git-fixes).\n- dmaengine: sh: rcar-dmac: Check for error num after setting mask (git-fixes).\n- dmaengine: stm32-dmamux: Fix PM disable depth imbalance in stm32_dmamux_probe (git-fixes).\n- dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() (git-fixes).\n- dmaengine: stm32-mdma: remove GISR1 register (git-fixes).\n- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (git-fixes).\n- dma-mapping: remove bogus test for pfn_valid from dma_map_resource (git-fixes).\n- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).\n- dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).\n- dm: fix use-after-free in dm_cleanup_zoned_dev() (git-fixes).\n- dm integrity: fix error code in dm_integrity_ctr() (git-fixes).\n- dm integrity: set journal entry unused when shrinking device (git-fixes).\n- dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).\n- dm mpath: only use ktime_get_ns() in historical selector (git-fixes).\n- dm verity: set DM_TARGET_IMMUTABLE feature flag (git-fixes).\n- doc/ip-sysctl: add bc_forwarding (git-fixes).\n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (git-fixes).\n- Documentation: add link to stable release candidate tree (git-fixes).\n- Documentation: dd: Use ReST lists for return values of driver_deferred_probe_check_state() (git-fixes).\n- Documentation: Fix duplicate statement about raw_spinlock_t type (git-fixes).\n- Documentation: update stable tree link (git-fixes).\n- do not call utsname() after -\u003ensproxy is NULL (bsc#1201196).\n- drbd: fix an invalid memory access caused by incorrect use of list iterator (git-fixes).\n- drbd: fix duplicate array initializer (git-fixes).\n- drbd: Fix five use after free bugs in get_initial_state (git-fixes).\n- drbd: remove assign_p_sizes_qlim (git-fixes).\n- drbd: use bdev_alignment_offset instead of queue_alignment_offset (git-fixes).\n- drbd: use bdev based limit helpers in drbd_send_sizes (git-fixes).\n- driver base: fix an unlikely reference counting issue in __add_memory_block() (git-fixes).\n- driver base: fix compaction sysfs file leak (git-fixes).\n- driver: base: fix UAF when driver_attach failed (git-fixes).\n- driver core: dd: fix return value of __setup handler (git-fixes).\n- driver core: fix deadlock in __device_attach (git-fixes).\n- driver core: Fix wait_for_device_probe() and deferred_probe_timeout interaction (git-fixes).\n- driver core: Free DMA range map when device is released (git-fixes).\n- driver: hv: Compare cpumasks and not their weights in init_vp_index() (git-fixes).\n- driver: hv: log when enabling crash_kexec_post_notifiers (git-fixes).\n- driver: hv: Rename \u0027alloced\u0027 to \u0027allocated\u0027 (git-fixes).\n- driver: hv: utils: Make use of the helper macro LIST_HEAD() (git-fixes).\n- driver: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (git-fixes).\n- driver: hv: vmbus: Fix potential crash on module unload (git-fixes).\n- driver: hv: vmbus: Use struct_size() helper in kmalloc() (git-fixes).\n- driver: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers (git-fixes).\n- driver: net: xgene: Fix regression in CRC stripping (git-fixes).\n- drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c (git-fixes).\n- drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit (git-fixes).\n- drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle() (git-fixes).\n- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (git-fixes).\n- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (git-fixes).\n- drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() (git-fixes).\n- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (git-fixes).\n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).\n- drm: add a locked version of drm_is_current_master (git-fixes).\n- drm: Add orientation quirk for GPD Win Max (git-fixes).\n- drm/amd: Add USBC connector ID (git-fixes).\n- drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (git-fixes).\n- drm/amd: avoid suspend on dGPUs w/ s2idle support when runtime PM enabled (git-fixes).\n- drm/amd: Check if ASPM is enabled from PCIe subsystem (git-fixes).\n- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).\n- drm/amd/display: Add pstate verification and recovery for DCN31 (git-fixes).\n- drm/amd/display: Add signal type check when verify stream backends same (git-fixes).\n- drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT (git-fixes).\n- drm/amd/display: Cap OLED brightness per max frame-average luminance (git-fixes).\n- drm/amd/display: Cap pflip irqs per max otg number (git-fixes).\n- drm/amd/display: Check if modulo is 0 before dividing (git-fixes).\n- drm/amd/display: DCN3.1: do not mark as kernel-doc (git-fixes).\n- drm/amd/display: Disabling Z10 on DCN31 (git-fixes).\n- drm/amd/display: do not ignore alpha property on pre-multiplied mode (git-fixes).\n- drm/amd/display: Do not reinitialize DMCUB on s0ix resume (git-fixes).\n- drm/amd/display: Enable power gating before init_pipes (git-fixes).\n- drm/amd/display: FEC check in timing validation (git-fixes).\n- drm/amd/display: Fix allocate_mst_payload assert on resume (git-fixes).\n- drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (git-fixes).\n- drm/amd/display: fix audio format not updated after edid updated (git-fixes).\n- drm/amd/display: Fix memory leak (git-fixes).\n- drm/amd/display: Fix memory leak in dcn21_clock_source_create (bsc#1190786)\n- drm/amd/display: Fix OLED brightness control on eDP (git-fixes).\n- drm/amd/display: Fix p-state allow debug index on dcn31 (git-fixes).\n- drm/amd/display: fix yellow carp wm clamping (git-fixes).\n- drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15\u0027 Apple Retina panels (git-fixes).\n- drm/amd/display: For vblank_disable_immediate, check PSR is really used (git-fixes).\n- drm/amd/display: Protect update_bw_bounding_box FPU code (git-fixes).\n- drm/amd/display: Read Golden Settings Table from VBIOS (git-fixes).\n- drm/amd/display: Remove vupdate_int_entry definition (git-fixes).\n- drm/amd/display: Revert FEC check in validation (git-fixes).\n- drm/amd/display: Update VTEM Infopacket definition (git-fixes).\n- drm/amd/display: Update watermark values for DCN301 (git-fixes).\n- drm/amd/display: Use adjusted DCN301 watermarks (git-fixes).\n- drm/amd/display: Use PSR version selected during set_psr_caps (git-fixes).\n- drm/amd/display: watermark latencies is not enough on DCN31 (git-fixes).\n- drm/amdgpu: add beige goby PCI ID (git-fixes).\n- drm/amdgpu: bypass tiling flag check in virtual display case (v2) (git-fixes).\n- drm/amdgpu: check vm ready by amdgpu_vm-\u003eevicting flag (git-fixes).\n- drm/amdgpu: conduct a proper cleanup of PDB bo (git-fixes).\n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (git-fixes).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/amdgpu/display: add support for multiple backlights (git-fixes).\n- drm/amdgpu: do not do resets on APUs which do not support it (git-fixes).\n- drm/amdgpu: do not enable asic reset for raven2 (git-fixes).\n- drm/amdgpu: do not set s3 and s0ix at the same time (git-fixes).\n- drm/amdgpu: do not use BACO for reset in S3 (git-fixes).\n- drm/amdgpu: do not use passthrough mode in Xen dom0 (git-fixes).\n- drm/amdgpu: Drop inline from amdgpu_ras_eeprom_max_record_count (git-fixes).\n- drm/amdgpu: Enable gfxoff quirk on MacBook Pro (git-fixes).\n- drm/amdgpu: Ensure HDA function is suspended before ASIC reset (git-fixes).\n- drm/amdgpu: explicitly check for s0ix when evicting resources (git-fixes).\n- drm/amdgpu: fix amdgpu_ras_block_late_init error handler (bsc#1190497)\n- drm/amdgpu: fix logic inversion in check (git-fixes).\n- drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() (git-fixes).\n- drm/amdgpu: Fix recursive locking warning (git-fixes).\n- drm/amdgpu: fix suspend/resume hang regression (git-fixes).\n- drm/amdgpu/sdma: Fix incorrect calculations of the wptr of the doorbells (git-fixes).\n- drm/amdgpu: skipping SDMA hw_init and hw_fini for S0ix (git-fixes).\n- drm/amdgpu/smu10: fix SoC/fclk units in auto mode (git-fixes).\n- drm/amdgpu: suppress the warning about enum value \u0027AMD_IP_BLOCK_TYPE_NUM\u0027 (git-fixes).\n- drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo (git-fixes).\n- drm/amdgpu: unify BO evicting method in amdgpu_ttm (git-fixes).\n- drm/amdgpu: update VCN codec support for Yellow Carp (git-fixes).\n- drm/amdgpu/vcn: Fix the register setting for vcn1 (git-fixes).\n- drm/amdgpu/vcn: improve vcn dpg stop procedure (git-fixes).\n- drm/amdgpu: vi: disable ASPM on Intel Alder Lake based systems (bsc#1190786)\n- drm/amdkfd: add pinned BOs to kfd_bo_list (git-fixes).\n- drm/amdkfd: Check for potential null return of kmalloc_array() (git-fixes).\n- drm/amdkfd: Create file descriptor after client is added to smi_clients list (git-fixes).\n- drm/amdkfd: Do not take process mutex for svm ioctls (git-fixes).\n- drm/amdkfd: Fix GWS queue count (bsc#1190786)\n- drm/amdkfd: Fix Incorrect VMIDs passed to HWS (git-fixes).\n- drm/amdkfd: make CRAT table missing message informational only (git-fixes).\n- drm/amdkfd: remove unused function (git-fixes).\n- drm/amdkfd: Separate pinned BOs destruction from general routine (bsc#1195287).\n- drm/amdkfd: Use mmget_not_zero in MMU notifier (git-fixes).\n- drm/amd/pm: correct the MGpuFanBoost support for Beige Goby (git-fixes).\n- drm/amd/pm: correct the sequence of sending gpu reset msg (git-fixes).\n- drm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby (git-fixes).\n- drm/amd/pm: enable pm sysfs write for one VF mode (git-fixes).\n- drm/amd/pm: fix hwmon node of power1_label create issue (git-fixes).\n- drm/amd/pm: Fix missing thermal throttler status (git-fixes).\n- drm/amd/pm: fix some OEM SKU specific stability issues (git-fixes).\n- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).\n- drm/amd/pm: update smartshift powerboost calc for smu12 (git-fixes).\n- drm/amd/pm: update smartshift powerboost calc for smu13 (git-fixes).\n- drm/amd/pm: use bitmap_{from,to}_arr32 where appropriate (git-fixes).\n- drm/ast: Create threshold values for AST2600 (bsc#1190786)\n- drm/atomic: Do not pollute crtc_state-\u003emode_blob with error pointers (git-fixes).\n- drm/atomic: Force bridge self-refresh-exit on CRTC switch (git-fixes).\n- drm: avoid circular locks in drm_mode_getconnector (git-fixes).\n- drm/blend: fix typo in the comment (git-fixes).\n- drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe (git-fixes).\n- drm/bridge: Add missing pm_runtime_put_sync (git-fixes).\n- drm/bridge: adv7511: clean up CEC adapter when probe fails (git-fixes).\n- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).\n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (git-fixes).\n- drm/bridge: analogix_dp: Support PSR-exit to disable transition (git-fixes).\n- drm/bridge: anx7625: Fix overflow issue on reading EDID (git-fixes).\n- drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt (git-fixes).\n- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).\n- drm/bridge: Fix error handling in analogix_dp_probe (git-fixes).\n- drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev (git-fixes).\n- drm: bridge: fix unmet dependency on DRM_KMS_HELPER for DRM_PANEL_BRIDGE (git-fixes).\n- drm: bridge: icn6211: Fix HFP_HSW_HBP_HI and HFP_MIN handling (bsc#1190786)\n- drm: bridge: icn6211: Fix register layout (git-fixes).\n- drm: bridge: it66121: Fix the register page length (git-fixes).\n- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).\n- drm/bridge: sn65dsi83: Fix an error handling path in (bsc#1190786)\n- drm/bridge: ti-sn65dsi83: Handle dsi_lanes == 0 as invalid (git-fixes).\n- drm/bridge: ti-sn65dsi86: Properly undo autosuspend (git-fixes).\n- drm/cma-helper: Set VM_DONTEXPAND for mmap (git-fixes).\n- drm/connector: Fix typo in output format (bsc#1190786)\n- drm/doc: overview before functions for drm_writeback.c (git-fixes).\n- drm/dp: Fix OOB read when handling Post Cursor2 register (bsc#1190786)\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/edid: check basic audio support on CEA extension block (git-fixes).\n- drm/edid: Do not clear formats if using deep color (git-fixes).\n- drm/edid: fix CEA extension byte #3 parsing (bsc#1190786)\n- drm/edid: fix invalid EDID extension block filtering (git-fixes).\n- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (git-fixes).\n- drm/fb-helper: Mark screen buffers in system memory with FBINFO_VIRTFB (git-fixes).\n- drm/fourcc: fix integer type usage in uapi header (git-fixes).\n- drm/i915/adlp: Fix TypeC PHY-ready status readout (git-fixes).\n- drm/i915: Allow !join_mbus cases for adlp+ dbuf configuration (bsc#1193640).\n- drm/i915: Check EDID for HDR static metadata when choosing blc (bsc#1190497)\n- drm/i915: Correctly populate use_sagv_wm for all pipes (git-fixes).\n- drm/i915/dg2: Print PHY name properly on calibration error (git-fixes).\n- drm/i915: Disable DRRS on IVB/HSW port != A (git-fixes).\n- drm/i915/display: Fix HPD short pulse handling for eDP (git-fixes).\n- drm/i915/display: Move DRRS code its own file (git-fixes).\n- drm/i915/display/psr: Unset enable_psr2_sel_fetch if other checks in intel_psr2_config_valid() fails (git-fixes).\n- drm/i915/display: split out dpt out of intel_display.c (git-fixes).\n- drm/i915/dmc: Add MMIO range restrictions (git-fixes).\n- drm/i915/dsi: fix VBT send packet port selection for ICL+ (git-fixes).\n- drm/i915: Fix bw atomic check when switching between SAGV vs. no SAGV (git-fixes).\n- drm/i915: Fix CFI violation with show_dynamic_id() (git-fixes).\n- drm/i915: Fix dbuf slice config lookup (git-fixes bsc#1193640).\n- drm/i915: Fix mbus join config lookup (git-fixes bsc#1193640).\n- drm/i915: Fix PSF GV point mask when SAGV is not possible (git-fixes).\n- drm/i915: Fix race in __i915_vma_remove_closed (bsc#1190497)\n- drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses (bsc#1190497)\n- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (git-fixes).\n- drm/i915/gem: add missing boundary check in vm_access (git-fixes).\n- drm/i915/gem: add missing else (git-fixes).\n- drm/i915/guc/slpc: Correct the param count for unset param (git-fixes).\n- drm/i915/gvt: clean up kernel-doc in gtt.c (git-fixes).\n- drm/i915/gvt: Make DRM_I915_GVT depend on X86 (git-fixes).\n- drm/i915: Implement w/a 22010492432 for adl-s (git-fixes).\n- drm/i915: Keep gem ctx-\u003evm alive until the final put (bsc#1190497)\n- drm/i915/opregion: check port number bounds for SWSCI display power state (git-fixes).\n- drm/i915/overlay: Prevent divide by zero bugs in scaling (git-fixes).\n- drm/i915: Populate pipe dbuf slices more accurately during readout (bsc#1193640).\n- drm/i915/reset: Fix error_state_read ptr + offset use (git-fixes).\n- drm/i915: s/JSP2/ICP2/ PCH (git-fixes).\n- drm/i915: Treat SAGV block time 0 as SAGV disabled (git-fixes).\n- drm/i915/ttm: ensure we unmap when purging (git-fixes).\n- drm/i915/ttm: tweak priority hint selection (git-fixes).\n- drm/i915: Widen the QGV point mask (git-fixes).\n- drm/i915: Workaround broken BIOS DBUF configuration on TGL/RKL (bsc#1193640).\n- drm/imx: dw_hdmi-imx: Fix bailout in error cases of probe (git-fixes).\n- drm: imx: fix compiler warning with gcc-12 (git-fixes).\n- drm/imx: Fix memory leak in imx_pd_connector_get_modes (git-fixes).\n- drm/imx: imx-ldb: Check for null pointer after calling kmemdup (git-fixes).\n- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).\n- drm/kmb: Fix for build errors with Warray-bounds (git-fixes).\n- drm/komeda: Fix an undefined behavior bug in komeda_plane_add() (git-fixes).\n- drm/komeda: return early if drm_universal_plane_init() fails (git-fixes).\n- drm: mali-dp: potential dereference of null pointer (git-fixes).\n- drm/mediatek: Add vblank register/unregister callback functions (bsc#1190768)\n- drm/mediatek: dpi: Use mt8183 output formats for mt8192 (git-fixes).\n- drm/mediatek: Fix mtk_cec_mask() (git-fixes).\n- drm/mediatek: mtk_dsi: Reset the dsi0 hardware (git-fixes).\n- drm/meson: Fix error handling when afbcd.ops-\u003einit fails (git-fixes).\n- drm/meson: Make use of the helper function devm_platform_ioremap_resourcexxx() (git-fixes).\n- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).\n- drm/meson: split out encoder from meson_dw_hdmi (git-fixes).\n- drm/msm/a6xx: Fix missing ARRAY_SIZE() check (git-fixes).\n- drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (git-fixes).\n- drm/msm: add missing include to msm_drv.c (git-fixes).\n- drm/msm: Add missing put_task_struct() in debugfs path (git-fixes).\n- drm/msm/disp: check the return value of kzalloc() (git-fixes).\n- drm/msm/disp/dpu1: set mdp clk to the maximum frequency in opp table (bsc#1190768)\n- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (git-fixes).\n- drm/msm/dp: add fail safe mode outside of event_mutex context (git-fixes).\n- drm/msm/dp: always add fail-safe mode into connector mode list (git-fixes).\n- drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl() (git-fixes).\n- drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() (git-fixes).\n- drm/msm/dp: do not initialize phy until plugin interrupt received (bsc#1190497)\n- drm/msm/dp: do not stop transmitting phy test pattern during DP phy compliance test (git-fixes).\n- drm/msm/dp: dp_link_parse_sink_count() return immediately if aux read failed (git-fixes).\n- drm/msm/dp: fix error check return value of irq_of_parse_and_map() (git-fixes).\n- drm/msm/dp: fix event thread stuck in wait_event after kthread_stop() (git-fixes).\n- drm/msm/dp: force link training for display resolution change (git-fixes).\n- drm/msm/dp: Modify prototype of encoder based API (git-fixes).\n- drm/msm/dp: populate connector of struct dp_panel (git-fixes).\n- drm/msm/dp: remove fail safe mode related code (git-fixes).\n- drm/msm/dp: reset DP controller before transmit phy test pattern (git-fixes).\n- drm/msm/dp: stop event kernel thread when DP unbind (bsc#1190768)\n- drm/msm/dp: stop link training after link training 2 failed (git-fixes).\n- drm/msm/dp: tear down main link at unplug handle immediately (bsc#1190768)\n- drm/msm/dpu: add DSPP blocks teardown (git-fixes).\n- drm/msm/dpu: adjust display_v_end for eDP and DP (git-fixes).\n- drm/msm/dpu: fix dp audio condition (git-fixes).\n- drm/msm/dpu: fix error check return value of irq_of_parse_and_map() (bsc#1190768)\n- drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path (git-fixes).\n- drm/msm/dsi: fix address for second DSI PHY on SDM660 (git-fixes).\n- drm/msm/dsi: fix error checks and return values for DSI xmit functions (git-fixes).\n- drm/msm/dsi: Remove spurious IRQF_ONESHOT flag (git-fixes).\n- drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init() (git-fixes).\n- drm/msm/dsi: Use \u0027ref\u0027 fw clock instead of global name for VCO parent (git-fixes).\n- drm/msm: Fix double pm_runtime_disable() call (git-fixes).\n- drm: msm: fix error check return value of irq_of_parse_and_map() (git-fixes).\n- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (git-fixes).\n- drm/msm: Fix range size vs end confusion (git-fixes).\n- drm/msm/hdmi: check return value after calling platform_get_resource_byname() (git-fixes).\n- drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() (git-fixes).\n- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (git-fixes).\n- drm/msm/mdp5: check the return of kzalloc() (git-fixes).\n- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected (git-fixes).\n- drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected (git-fixes).\n- drm/msm: properly add and remove internal bridges (bsc#1190768)\n- drm/msm: remove unused plane_property field from msm_drm_private (bsc#1190768)\n- drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (git-fixes).\n- drm/msm: Switch ordering of runpm put vs devfreq_idle (git-fixes).\n- drm/msm: use for_each_sgtable_sg to iterate over scatterlist (git-fixes).\n- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).\n- drm/nouveau/backlight: Just set all backlight types as RAW (git-fixes).\n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (git-fixes).\n- drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (git-fixes).\n- drm/nouveau: fix off by one in BIOS boundary checking (git-fixes).\n- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator (git-fixes).\n- drm/nouveau/pmu: Add missing callbacks for Tegra devices (git-fixes).\n- drm/nouveau/pmu/gm200-: use alternate falcon reset sequence (git-fixes).\n- drm/nouveau/subdev/bus: Ratelimit logging for fault errors (git-fixes).\n- drm/nouveau/tegra: Stop using iommu_present() (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer (git-fixes).\n- drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H (git-fixes).\n- drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised (git-fixes).\n- drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare (git-fixes).\n- drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01 (git-fixes).\n- drm/panel: simple: Assign data from panel_dpi_probe() correctly (git-fixes).\n- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).\n- drm/panfrost: Check for error num after setting mask (git-fixes).\n- drm/plane: Move range check for format_count earlier (git-fixes).\n- drm/radeon: fix a possible null pointer dereference (git-fixes).\n- drm/radeon: Fix backlight control on iMac 12,1 (git-fixes).\n- drm/rockchip: dw_hdmi: Do not leave clock enabled in error case (git-fixes).\n- drm/rockchip: vop: Correct RK3399 VOP register fields (git-fixes).\n- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (git-fixes).\n- drm/selftests/test-drm_dp_mst_helper: Fix memory leak in sideband_msg_req_encode_decode (git-fixes).\n- drm/simpledrm: Add \u0027panel orientation\u0027 property on non-upright mounted LCD panels (git-fixes).\n- drm: sti: do not use kernel-doc markers (git-fixes).\n- drm/sun4i: Fix crash during suspend after component bind failure (git-fixes).\n- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).\n- drm/sun4i: Remove obsolete references to PHYS_OFFSET (bsc#1190786)\n- drm/syncobj: flatten dma_fence_chains on transfer (git-fixes).\n- drm/tegra: Add back arm_iommu_detach_device() (git-fixes).\n- drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (git-fixes).\n- drm: use the lookup lock in drm_is_current_master (git-fixes).\n- drm/v3d/v3d_drv: Check for error num after setting mask (git-fixes).\n- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).\n- drm/vc4: Fix deadlock on DSI device attach error (git-fixes).\n- drm/vc4: hdmi: Add debugfs prefix (bsc#1199163).\n- drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd (git-fixes).\n- drm/vc4: hdmi: Fix build error for implicit function declaration (git-fixes).\n- drm/vc4: hdmi: Fix HPD GPIO detection (git-fixes).\n- drm/vc4: hdmi: Make sure the device is powered with CEC (git-fixes).\n- drm/vc4: hdmi: Split the CEC disable / enable functions in two (git-fixes).\n- drm/vc4: hvs: Fix frame count register readout (git-fixes).\n- drm/vc4: hvs: Reset muxes at probe time (git-fixes).\n- drm/vc4: txp: Do not set TXP_VSTART_AT_EOF (git-fixes).\n- drm/vc4: txp: Force alpha to be 0xff if it\u0027s disabled (git-fixes).\n- drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).\n- drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free() (git-fixes).\n- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (git-fixes).\n- drm/vmwgfx: Disable command buffers on svga3 without gbobjects (git-fixes).\n- drm/vmwgfx: Fix fencing on SVGAv3 (git-fixes).\n- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (git-fixes).\n- drm/vmwgfx: Remove unused compile options (bsc#1190786)\n- drm/vmwgfx: validate the screen formats (git-fixes).\n- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).\n- dt-bindings: arm: bcm: fix BCM53012 and BCM53016 SoC strings (git-fixes).\n- dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config (git-fixes).\n- dt-bindings: display: sitronix, st7735r: Fix backlight in example (git-fixes).\n- dt-bindings: gpio: altera: correct interrupt-cells (git-fixes).\n- dt-bindings: memory: mtk-smi: No need mediatek,larb-id for mt8167 (git-fixes).\n- dt-bindings: mtd: nand-controller: Fix a comment in the examples (git-fixes).\n- dt-bindings: mtd: nand-controller: Fix the reg property description (git-fixes).\n- dt-bindings: net: xgmac_mdio: Remove unsupported \u0027bus-frequency\u0027 (git-fixes).\n- dt-bindings: PCI: xilinx-cpm: Fix reg property order (git-fixes).\n- dt-bindings: phy: uniphier-usb3hs: Fix incorrect clock-names and reset-names (git-fixes).\n- dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group (git-fixes).\n- dt-bindings: pinctrl: pinctrl-microchip-sgpio: Fix example (git-fixes).\n- dt-bindings: spi: mxic: The interrupt property is not mandatory (git-fixes).\n- dt-bindings: usb: ehci: Increase the number of PHYs (git-fixes).\n- dt-bindings: usb: hcd: correct usb-device path (git-fixes).\n- dt-bindings: usb: ohci: Increase the number of PHYs (git-fixes).\n- dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7 (git-fixes).\n- e1000e: Correct NVM checksum verification flow (bsc#1191663).\n- e1000e: Fix possible HW unit hang after an s0ix exit (jsc#SLE-18382).\n- e1000e: Fix possible overflow in LTR decoding (git-fixes).\n- e1000e: Handshake with CSME starts from ADL platforms (git-fixes).\n- e1000e: Separate ADP board type from TGP (git-fixes).\n- EDAC/altera: Fix deferred probing (bsc#1190497).\n- EDAC/amd64: Add new register offset support and related changes (jsc#SLE-19026).\n- EDAC/amd64: Set memory type per DIMM (jsc#SLE-19026).\n- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1190497).\n- EDAC/synopsys: Read the error count from the correct register (bsc#1190497).\n- EDAC/xgene: Fix deferred probing (bsc#1190497).\n- eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX (git-fixes).\n- efi: Add missing prototype for efi_capsule_setup_info (git-fixes).\n- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (git-fixes).\n- efi: fix return value of __setup handlers (git-fixes).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- epic100: fix use after free on rmmod (git-fixes).\n- ethernet/sfc: remove redundant rc variable (bsc#1196306).\n- exec: Force single empty string when argv is empty (bsc#1200571).\n- ext2: correct max file size computing (bsc#1197820).\n- ext4: avoid trim error on fs with small groups (bsc#1191271).\n- ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal (bsc#1197917).\n- ext4: fix an use-after-free issue about data=journal writeback mode (bsc#1195482).\n- ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1200810).\n- ext4: fix bug_on in __es_tree_search (bsc#1200809).\n- ext4: fix ext4_fc_stats trace point (git-fixes).\n- ext4: fix race condition between ext4_write and ext4_convert_inline_data (bsc#1200807).\n- ext4: limit length to bitmap_maxbytes - blocksize in punch_hole (bsc#1200806).\n- ext4: make variable \u0027count\u0027 signed (bsc#1200820).\n- ext4: reject the \u0027commit\u0027 option on ext2 filesystems (bsc#1200808).\n- extcon: Modify extcon device to be created after driver data is set (git-fixes).\n- extcon: ptn5150: Add queue work sync before driver release (git-fixes).\n- faddr2line: Fix overlapping text section failures, the sequel (git-fixes).\n- fbcon: Avoid \u0027cap\u0027 set but not used warning (bsc#1190786)\n- fbcon: Consistently protect deferred_takeover with console_lock() (git-fixes).\n- firewire: core: extend card-\u003elock in fw_core_handle_bus_reset (git-fixes).\n- firewire: fix potential uaf in outbound_phy_packet_callback() (git-fixes).\n- firewire: remove check of list iterator against head past the loop body (git-fixes).\n- firmware: arm_ffa: Fix uuid parameter to ffa_partition_probe (git-fixes).\n- firmware: arm_ffa: Remove incorrect assignment of driver_data (git-fixes).\n- firmware: arm_scmi: Fix list protocols enumeration in the base protocol (git-fixes).\n- firmware: arm_scmi: Fix sorting of retrieved clock rates (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- firmware: arm_scmi: Validate BASE_DISCOVER_LIST_PROTOCOLS response (git-fixes).\n- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (git-fixes).\n- firmware: google: Properly state IOMEM dependency (git-fixes).\n- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).\n- firmware: stratix10-svc: add missing callback parameter on RSU (git-fixes).\n- firmware: stratix10-svc: fix a missing check on list iterator (git-fixes).\n- firmware: sysfb: fix platform-device leak in error path (git-fixes).\n- firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is not defined (git-fixes).\n- firmware: use kernel credentials when reading firmware (git-fixes).\n- fs: fd tables have to be multiples of BITS_PER_LONG (bsc#1200827).\n- fs: fix fd table size alignment properly (bsc#1200882).\n- fs: handle circular mappings correctly (bsc#1197918).\n- fsl_lpuart: Do not enable interrupts too early (git-fixes).\n- fsnotify: Do not insert unmergeable events in hashtable (bsc#1197922).\n- fsnotify: fix fsnotify hooks in pseudo filesystems (bsc#1195944 bsc#1195478).\n- fsnotify: fix wrong lockdep annotations (bsc#1200815).\n- ftrace: Clean up hash direct_functions on register failures (git-fixes).\n- fuse: fix fileattr op failure (bsc#1197292).\n- gen_init_cpio: fix short read file handling (bsc#1193289).\n- genirq/affinity: Consider that CPUs on nodes can be (git-fixes)\n- genirq: Synchronize interrupt thread startup (git-fixes)\n- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).\n- gma500: fix an incorrect NULL check on list iterator (git-fixes).\n- gpio: adp5588: Remove support for platform setup and teardown callbacks (git-fixes).\n- gpio: aggregator: Fix calling into sleeping GPIO controllers (git-fixes).\n- gpio: dwapb: Do not print error on -EPROBE_DEFER (git-fixes).\n- gpio: gpio-vf610: do not touch other bits when set the target bit (git-fixes).\n- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).\n- gpiolib: acpi: use correct format characters (git-fixes).\n- gpiolib: Never return internal error codes to user space (git-fixes).\n- gpiolib: of: fix bounds check for \u0027gpio-reserved-ranges\u0027 (git-fixes).\n- gpio: mvebu: drop pwm base assignment (git-fixes).\n- gpio: mvebu/pwm: Refuse requests with inverted polarity (git-fixes).\n- gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set) (git-fixes).\n- gpio: pca953x: use the correct register address to do regcache sync (git-fixes).\n- gpio: Return EPROBE_DEFER if gc-\u003eto_irq is NULL (git-fixes).\n- gpio: Revert regression in sysfs-gpio (gpiolib.c) (git-fixes).\n- gpio: sifive: use the correct register to read output values (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gpio: ts4900: Do not set DAT and OE together (git-fixes).\n- gpio: visconti: Fix fwnode of GPIO IRQ (git-fixes).\n- gpio: winbond: Fix error code in winbond_gpio_get() (git-fixes).\n- gpu: host1x: Fix a memory leak in \u0027host1x_remove()\u0027 (git-fixes).\n- gpu: ipu-v3: Fix dev_dbg frequency output (git-fixes).\n- gup: Turn fault_in_pages_{readable,writeable} into fault_in_{readable,writeable} (git-fixes).\n- gve: Fix GFP flags when allocing pages (git-fixes).\n- gve: fix the wrong AdminQ buffer queue index check (git-fixes).\n- habanalabs: Add check for pci_enable_device (git-fixes).\n- habanalabs: fix possible memory leak in MMU DR fini (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- hex2bin: fix access beyond string end (git-fixes).\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- HID: Add support for open wheel and no attachment to T300 (git-fixes).\n- HID:Add support for UGTABLET WP5540 (git-fixes).\n- HID: amd_sfh: Add illuminance mask to limit ALS max value (git-fixes).\n- HID: amd_sfh: Correct the structure field name (git-fixes).\n- HID: amd_sfh: Modify the bus name (git-fixes).\n- HID: amd_sfh: Modify the hid name (git-fixes).\n- HID: bigben: fix slab-out-of-bounds Write in bigben_probe (git-fixes).\n- hide appended member supports_dynamic_smps_6ghz (git-fixes).\n- HID: elan: Fix potential double free in elan_input_configured (git-fixes).\n- HID: hid-led: fix maximum brightness for Dream Cheeky (git-fixes).\n- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts (git-fixes).\n- HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (git-fixes).\n- HID: intel-ish-hid: Use dma_alloc_coherent for firmware update (git-fixes).\n- HID: logitech-dj: add new lightspeed receiver id (git-fixes).\n- HID: multitouch: add quirks to enable Lenovo X12 trackpoint (git-fixes).\n- HID: multitouch: Add support for Google Whiskers Touchpad (git-fixes).\n- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).\n- HID: vivaldi: fix sysfs attributes leak (git-fixes).\n- hinic: fix bug of wq out of bound access (git-fixes).\n- hv_balloon: rate-limit \u0027Unhandled message\u0027 warning (git-fixes).\n- hv_netvsc: Add check for kvmalloc_array (git-fixes).\n- hv_utils: Add comment about max VMbus packet size in VSS driver (git-fixes).\n- hwmon: (dell-smm) Speed up setting of fan speed (git-fixes).\n- hwmon: (f71882fg) Fix negative temperature (git-fixes).\n- hwmon: Handle failure to register sensor with thermal zone correctly (git-fixes).\n- hwmon: (ibmaem) do not call platform_device_del() if platform_device_add() fails (git-fixes).\n- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (git-fixes).\n- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).\n- hwmon: (pmbus) Add Vin unit off handling (git-fixes).\n- hwmon: (pmbus) Check PEC support before reading other registers (git-fixes).\n- hwmon: (pmbus) Clear pmbus fault/warning bits after read (git-fixes).\n- hwmon: (pmbus) disable PEC if not enabled (git-fixes).\n- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).\n- hwmon: (tmp401) Add OF device ID table (git-fixes).\n- hwrng: atmel - disable trng on failure path (git-fixes).\n- hwrng: cavium - Check health status while reading random data (git-fixes).\n- hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER (git-fixes).\n- hwrng: nomadik - Change clk_disable to clk_disable_unprepare (git-fixes).\n- hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() (git-fixes).\n- i2c: at91: Initialize dma_buf in at91_twi_xfer() (git-fixes).\n- i2c: at91: use dma safe buffers (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- i2c: bcm2835: Fix the error handling in \u0027bcm2835_i2c_probe()\u0027 (git-fixes).\n- i2c: bcm2835: Use platform_get_irq() to get the interrupt (git-fixes).\n- i2c: brcmstb: fix support for DSL and CM variants (git-fixes).\n- i2c: cadence: Increase timeout per message if necessary (git-fixes).\n- i2c: designware: Use standard optional ref clock implementation (git-fixes).\n- i2c: dev: Force case user pointers in compat_i2cdev_ioctl() (git-fixes).\n- i2c: ismt: prevent memory corruption in ismt_access() (git-fixes).\n- i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (git-fixes).\n- i2c: meson: Fix wrong speed use from probe (git-fixes).\n- i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe() (git-fixes).\n- i2c: mux: demux-pinctrl: do not deactivate a master that is not active (git-fixes).\n- i2c: npcm7xx: Add check for platform_driver_register (git-fixes).\n- i2c: npcm: Correct register access width (git-fixes).\n- i2c: npcm: Fix timeout calculation (git-fixes).\n- i2c: npcm: Handle spurious interrupts (git-fixes).\n- i2c: piix4: Add EFCH MMIO support for SMBus port select (git-fixes).\n- i2c: piix4: Add EFCH MMIO support to region request and release (git-fixes).\n- i2c: piix4: Add EFCH MMIO support to SMBus base address detect (git-fixes).\n- i2c: piix4: Enable EFCH MMIO for Family 17h+ (git-fixes).\n- i2c: piix4: Move port I/O region request/release code into functions (git-fixes).\n- i2c: piix4: Move SMBus controller base address detect into function (git-fixes).\n- i2c: piix4: Move SMBus port selection into function (git-fixes).\n- i2c: piix4: Replace hardcoded memory map size with a #define (git-fixes).\n- i2c: qcom-cci: do not delete an unregistered adapter (git-fixes).\n- i2c: qcom-cci: do not put a device tree node before i2c_add_adapter() (git-fixes).\n- i2c: rcar: fix PM ref counts in probe error paths (git-fixes).\n- i2c: xiic: Make bus names unique (git-fixes).\n- i40e: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- i40e: Fix for failed to init adminq while VF reset (git-fixes).\n- i40e: Fix issue when maximum queues is exceeded (git-fixes).\n- i40e: Fix queues reservation for XDP (git-fixes).\n- i40e: Fix reset bw limit when DCB enabled with 1 TC (git-fixes).\n- i40e: Fix reset path while removing the driver (git-fixes).\n- i40e: fix unsigned stat widths (git-fixes).\n- i40e: i40e_main: fix a missing check on list iterator (git-fixes).\n- i40e: Increase delay to 1 s after global EMP reset (git-fixes).\n- i40e: remove dead stores on XSK hotpath (jsc#SLE-18378).\n- i40e: respect metadata on XSK Rx to skb (git-fixes).\n- i40e: stop disabling VFs due to PF error responses (jsc#SLE-18378).\n- iavf: Add waiting so the port is initialized in remove (jsc#SLE-18385).\n- iavf: Fix deadlock in iavf_reset_task (jsc#SLE-18385).\n- iavf: Fix double free in iavf_reset_task (jsc#SLE-18385).\n- iavf: Fix handling of vlan strip virtual channel messages (jsc#SLE-18385).\n- iavf: Fix hang during reboot/shutdown (jsc#SLE-18385).\n- iavf: Fix __IAVF_RESETTING state usage (jsc#SLE-18385).\n- iavf: Fix init state closure on remove (jsc#SLE-18385).\n- iavf: Fix locking for VIRTCHNL_OP_GET_OFFLOAD_VLAN_V2_CAPS (jsc#SLE-18385).\n- iavf: Fix missing check for running netdev (git-fixes).\n- iavf: Fix race in init state (jsc#SLE-18385).\n- iavf: Rework mutexes for better synchronisation (jsc#SLE-18385 stable-5.14.6).\n- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes).\n- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (git-fixes).\n- IB/cm: Release previously acquired reference counter in the cm_id_priv (git-fixes).\n- IB/hfi1: Allow larger MTU without AIP (git-fixes).\n- IB/hfi1: Fix AIP early init panic (git-fixes).\n- IB/hfi1: Fix alloc failure with larger txqueuelen (git-fixes).\n- IB/hfi1: Fix panic with larger ipoib send_queue_size (jsc#SLE-19242).\n- IB/hfi1: Fix tstats alloc and dealloc (git-fixes).\n- IB/mlx5: Expose NDR speed through MAD (bsc#1196930).\n- ibmvnic: do not release napi in __ibmvnic_open() (bsc#1195668 ltc#195811).\n- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).\n- ibmvnic: Properly dispose of all skbs during a failover (bsc#1200925).\n- ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).\n- IB/qib: Fix duplicate sysfs directory name (git-fixes).\n- IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- ice: allow creating VFs for !CONFIG_NET_SWITCHDEV (jsc#SLE-18375).\n- ice: check the return of ice_ptp_gettimex64 (git-fixes).\n- ice: clear cmd_type_offset_bsz for TX rings (jsc#SLE-18375).\n- ice: Clear default forwarding VSI during VSI release (git-fixes).\n- ice: clear stale Tx queue settings before configuring (git-fixes).\n- ice: do not allow to run ice_send_event_to_aux() in atomic ctx (git-fixes).\n- ice: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- ice: Do not use GFP_KERNEL in atomic context (git-fixes).\n- ice: enable parsing IPSEC SPI headers for RSS (git-fixes).\n- ice: fix an error code in ice_cfg_phy_fec() (git-fixes).\n- ice: fix concurrent reset and removal of VFs (git-fixes).\n- ice: fix crash in switchdev mode (jsc#SLE-18375).\n- ice: Fix curr_link_speed advertised speed (git-fixes).\n- ice: Fix incorrect locking in ice_vc_process_vf_msg() (jsc#SLE-18375).\n- ice: fix IPIP and SIT TSO offload (git-fixes).\n- ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() (jsc#SLE-18375).\n- ice: fix PTP stale Tx timestamps cleanup (git-fixes).\n- ice: fix setting l4 port flag when adding filter (jsc#SLE-18375).\n- ice: fix use-after-free when deinitializing mailbox snapshot (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (git-fixes).\n- ice: kabi protect ice_pf (bsc#1200502).\n- ice: Protect vf_state check by cfg_lock in ice_vc_process_vf_msg() (jsc#SLE-18375).\n- ice: respect metadata on XSK Rx to skb (git-fixes).\n- ice: synchronize_rcu() when terminating rings (git-fixes).\n- ice: xsk: Fix indexing in ice_tx_xsk_pool() (jsc#SLE-18375).\n- ice: xsk: fix VSI state check in ice_xsk_wakeup() (git-fixes).\n- igb: refactor XDP registration (git-fixes).\n- igc: avoid kernel warning when changing RX ring parameters (git-fixes).\n- igc: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- igc: Fix BUG: scheduling while atomic (git-fixes).\n- igc: Fix infinite loop in release_swfw_sync (git-fixes).\n- igc: Fix suspending when PTM is active (jsc#SLE-18377).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio:accel:bma180: rearrange iio trigger get and register (git-fixes).\n- iio: accel: fxls8962af: add padding to regmap for SPI (git-fixes).\n- iio:accel:kxcjk-1013: rearrange iio trigger get and register (git-fixes).\n- iio: accel: mma8452: ignore the return value of reset operation (git-fixes).\n- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).\n- iio:accel:mxc4005: rearrange iio trigger get and register (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP and AIN_BUFM bits (git-fixes).\n- iio: adc: ad7124: Remove shift from scan_type (git-fixes).\n- iio: adc: Add check for devm_request_threaded_irq (git-fixes).\n- iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client (git-fixes).\n- iio: adc: axp288: Override TS pin bias current for some models (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- iio: adc: sc27xx: Fine tune the scale calibration values (git-fixes).\n- iio: adc: sc27xx: fix read big scale voltage not right (git-fixes).\n- iio: adc: stm32: Fix ADCs iteration in irq handler (git-fixes).\n- iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message (git-fixes).\n- iio: adc: stm32: fix maximum clock rate for stm32mp15x (git-fixes).\n- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (git-fixes).\n- iio: adc: ti-ads131e08: add missing fwnode_handle_put() in ads131e08_alloc_channels() (git-fixes).\n- iio: adc: tsc2046: fix memory corruption by preventing array overflow (git-fixes).\n- iio: adc: vf610: fix conversion mode sysfs node name (git-fixes).\n- iio: afe: rescale: Fix boolean logic bug (git-fixes).\n- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).\n- iio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL (git-fixes).\n- iio:chemical:ccs811: rearrange iio trigger get and register (git-fixes).\n- iio: dac: ad5446: Fix read_raw not returning set value (git-fixes).\n- iio: dac: ad5592r: Fix the missing return value (git-fixes).\n- iio: dummy: iio_simple_dummy: check the return value of kstrdup() (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (git-fixes).\n- iio:humidity:hts221: rearrange iio trigger get and register (git-fixes).\n- iio:imu:adis16480: fix buffering for devices with no burst mode (git-fixes).\n- iio:imu:bmi160: disable regulator in error path (git-fixes).\n- iio: imu: inv_icm42600: Fix I2C init possible nack (git-fixes).\n- iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot (git-fixes).\n- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).\n- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).\n- iio: inkern: make a best effort on offset calculation (git-fixes).\n- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() (git-fixes).\n- iio: magnetometer: yas530: Fix memchr_inv() misuse (git-fixes).\n- iio: mma8452: Fix probe failing when an i2c_device_id is used (git-fixes).\n- iio: mma8452: fix probe fail when device tree compatible is used (git-fixes).\n- iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout (git-fixes).\n- iio: st_sensors: Add a local lock for protecting odr (git-fixes).\n- iio: trigger: sysfs: fix use-after-free on remove (git-fixes).\n- ima: Allow template selection with ima_template[_fmt]= after ima_hash= (git-fixes).\n- ima: Do not print policy rule with inactive LSM labels (git-fixes).\n- ima: fix reference leak in asymmetric_verify() (git-fixes).\n- ima: Remove ima_policy file before directory (git-fixes).\n- init: call time_init() before rand_initialize() (git-fixes).\n- init: Initialize noop_backing_dev_info early (bsc#1200822).\n- init/main.c: return 1 from handled __setup() functions (git-fixes).\n- initramfs: Check timestamp to prevent broken cpio archive (bsc#1193289).\n- inotify: show inotify mask flags in proc fdinfo (bsc#1200600).\n- Input: add bounds checking to input_set_capability() (git-fixes).\n- Input: aiptek - properly check endpoint type (git-fixes).\n- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c: Add deny list for Lenovo Yoga Slim 7 (bsc#1193064).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- Input: gpio-keys - cancel delayed work only in case of GPIO (git-fixes).\n- Input: ili210x - fix reset timing (git-fixes).\n- Input: omap4-keypad - fix pm_runtime_get_sync() error checking (git-fixes).\n- Input: samsung-keypad - properly state IOMEM dependency (git-fixes).\n- Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq (git-fixes).\n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (git-fixes).\n- Input: stmfts - do not leave device disabled in stmfts_input_open (git-fixes).\n- Input: stmfts - fix reference leak in stmfts_input_open (git-fixes).\n- Input: synaptics - enable InterTouch on ThinkPad T14/P14s Gen 1 AMD (git-fixes).\n- Input: synaptics: retry query upon error (bsc#1194086).\n- Input: wm97xx: Simplify resource management (git-fixes).\n- Input: zinitix - do not report shadow fingers (git-fixes).\n- integrity: check the return value of audit_log_start() (git-fixes).\n- iocost: do not reset the inuse weight of under-weighted debtors (git-fixes).\n- iocost: Fix divide-by-zero on donation from low hweight cgroup (bsc#1198014).\n- iomap: iomap_write_failed fix (bsc#1200829).\n- iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (git-fixes).\n- iommu/amd: Increase timeout waiting for GA log enablement (bsc#1199052).\n- iommu/amd: Remove useless irq affinity notifier (git-fixes).\n- iommu/amd: Restore GA log/tail pointer on host resume (git-fixes).\n- iommu/amd: X2apic mode: mask/unmask interrupts on suspend/resume (git-fixes).\n- iommu/amd: X2apic mode: re-enable after resume (git-fixes).\n- iommu/amd: X2apic mode: setup the INTX registers on mask/unmask (git-fixes).\n- iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (bsc#1198826).\n- iommu/arm-smmu-qcom: Fix TTBR0 read (git-fixes).\n- iommu: Extend mutex lock scope in iommu_probe_device() (git-fixes).\n- iommu/ioasid: Introduce a helper to check for valid PASIDs (jsc#SLE-24350).\n- iommu/io-pgtable-arm: Fix table descriptor paddr formatting (git-fixes).\n- iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure (git-fixes).\n- iommu/iova: Fix race between FQ timeout and teardown (git-fixes).\n- iommu/sva: Assign a PASID to mm on PASID allocation and free it on mm exit (jsc#SLE-24350).\n- iommu/sva: Rename CONFIG_IOMMU_SVA_LIB to CONFIG_IOMMU_SVA (jsc#SLE-24350).\n- iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (git-fixes).\n- ionic: add FW_STOPPING state (git-fixes).\n- ionic: Allow flexibility for error reporting on dev commands (git-fixes).\n- ionic: better handling of RESET event (git-fixes).\n- ionic: catch transition back to RUNNING with fw_generation 0 (git-fixes).\n- ionic: Cleanups in the Tx hotpath code (git-fixes).\n- ionic: Correctly print AQ errors if completions are not received (git-fixes).\n- ionic: disable napi when ionic_lif_init() fails (git-fixes).\n- ionic: Do not send reset commands if FW isn\u0027t running (git-fixes).\n- ionic: fix missing pci_release_regions() on error in ionic_probe() (git-fixes).\n- ionic: fix type complaint in ionic_dev_cmd_clean() (git-fixes).\n- ionic: fix up printing of timeout error (git-fixes).\n- ionic: Prevent filter add/del err msgs when the device is not available (git-fixes).\n- ionic: Query FW when getting VF info via ndo_get_vf_config (git-fixes).\n- ionic: remove the dbid_inuse bitmap (git-fixes).\n- ionic: replace set_vf data with union (git-fixes).\n- ionic: start watchdog after all is setup (git-fixes).\n- ionic: stretch heartbeat detection (git-fixes).\n- io_uring: add more locking annotations for submit (bsc#1199011).\n- io_uring: avoid touching inode in rw prep (bsc#1199011).\n- io_uring: be smarter about waking multiple CQ ring waiters (bsc#1199011).\n- io_uring: cache __io_free_req()\u0027d requests (bsc#1199011).\n- io_uring: clean io-wq callbacks (bsc#1199011).\n- io_uring: clean up tctx_task_work() (bsc#1199011).\n- io_uring: deduplicate open iopoll check (bsc#1199011).\n- io_uring: do not halt iopoll too early (bsc#1199011).\n- io_uring: drop exec checks from io_req_task_submit (bsc#1199011).\n- io_uring: extract a helper for ctx quiesce (bsc#1199011).\n- io_uring: Fix undefined-behaviour in io_issue_sqe (bsc#1199011).\n- io_uring: improve ctx hang handling (bsc#1199011).\n- io_uring: inline fixed part of io_file_get() (bsc#1199011).\n- io_uring: inline io_free_req_deferred (bsc#1199011).\n- io_uring: inline io_poll_remove_waitqs (bsc#1199011).\n- io_uring: inline struct io_comp_state (bsc#1199011).\n- io_uring: kill unused IO_IOPOLL_BATCH (bsc#1199011).\n- io_uring: move io_fallback_req_func() (bsc#1199011).\n- io_uring: move io_put_task() definition (bsc#1199011).\n- io_uring: move io_rsrc_node_alloc() definition (bsc#1199011).\n- io_uring: optimise io_cqring_wait() hot path (bsc#1199011).\n- io_uring: optimise putting task struct (bsc#1199011).\n- io_uring: refactor io_alloc_req (bsc#1199011).\n- io_uring: remove extra argument for overflow flush (bsc#1199011).\n- io_uring: remove file batch-get optimisation (bsc#1199011).\n- io_uring: remove IRQ aspect of io_ring_ctx completion lock (bsc#1199011).\n- io_uring: remove redundant args from cache_free (bsc#1199011).\n- io_uring: remove unnecessary PF_EXITING check (bsc#1199011).\n- io_uring: rename io_file_supports_async() (bsc#1199011).\n- io_uring: run linked timeouts from task_work (bsc#1199011).\n- io_uring: run regular file completions from task_work (bsc#1199011).\n- io_uring: run timeouts from task_work (bsc#1199011).\n- io_uring: use inflight_entry instead of compl.list (bsc#1199011).\n- io_uring: use kvmalloc for fixed files (bsc#1199011).\n- io-wq: get rid of FIXED worker flag (bsc#1199011).\n- io-wq: make worker creation resilient against signals (bsc#1199011).\n- io-wq: move nr_running and worker_refs out of wqe-\u003elock protection (bsc#1199011).\n- io-wq: only exit on fatal signals (bsc#1199011).\n- io-wq: provide a way to limit max number of workers (bsc#1199011).\n- io-wq: split bounded and unbounded work into separate lists (bsc#1199011).\n- io-wq: wqe and worker locks no longer need to be IRQ safe (bsc#1199011).\n- ipc/sem: do not sleep with a spin lock held (bsc#1198412).\n- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n- ipmi: bail out if init_srcu_struct fails (git-fixes).\n- ipmi: Fix pr_fmt to avoid compilation issues (git-fixes).\n- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).\n- ipmi:ssif: Check for NULL msg when handling events and messages (git-fixes).\n- ipvs: add sysctl_run_estimation to support disable estimation (bsc#1195504).\n- ipw2x00: Fix potential NULL dereference in libipw_xmit() (git-fixes).\n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (git-fixes).\n- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (git-fixes).\n- irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value (git-fixes).\n- irqchip/exiu: Fix acknowledgment of edge triggered interrupts (git-fixes).\n- irqchip/gic, gic-v3: Prevent GSI to SGI translations (git-fixes).\n- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (git-fixes).\n- irqchip/gic-v3: Ensure pseudo-NMIs have an ISB between ack and handling (git-fixes).\n- irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions (git-fixes).\n- irqchip/gic-v3: Fix GICR_CTLR.RWP polling (git-fixes).\n- irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (git-fixes).\n- irqchip/gic-v4: Wait for GICR_VPENDBASER.Dirty to clear before descheduling (git-fixes).\n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (git-fixes).\n- irqchip/nvic: Release nvic_base upon failure (git-fixes).\n- irqchip/qcom-pdc: Fix broken locking (git-fixes).\n- irqchip/realtek-rtl: Fix refcount leak in map_interrupts (git-fixes).\n- irqchip/realtek-rtl: Service all pending interrupts (git-fixes).\n- isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() (git-fixes).\n- ivtv: fix incorrect device_caps for ivtvfb (git-fixes).\n- iwlwifi: do not advertise TWT support (git-fixes).\n- iwlwifi: Fix -EIO error code that is never returned (git-fixes).\n- iwlwifi: fix use-after-free (git-fixes).\n- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (git-fixes).\n- iwlwifi: mvm: align locking in D3 test debugfs (git-fixes).\n- iwlwifi: mvm: check debugfs_dir ptr before use (git-fixes).\n- iwlwifi: mvm: Correctly set fragmented EBS (git-fixes).\n- iwlwifi: mvm: Do not call iwl_mvm_sta_from_mac80211() with NULL sta (git-fixes).\n- iwlwifi: mvm: do not crash on invalid rate w/o STA (git-fixes).\n- iwlwifi: mvm: do not iterate unadded vifs when handling FW SMPS req (git-fixes).\n- iwlwifi: mvm: do not send SAR GEO command for 3160 devices (git-fixes).\n- iwlwifi: mvm: Fix an error code in iwl_mvm_up() (git-fixes).\n- iwlwifi: mvm: fix assert 1F04 upon reconfig (git-fixes).\n- iwlwifi: mvm: move only to an enabled channel (git-fixes).\n- iwlwifi: pcie: fix locking when \u0027HW not ready\u0027 (git-fixes).\n- iwlwifi: pcie: gen2: fix locking when \u0027HW not ready\u0027 (git-fixes).\n- iwlwifi: yoyo: remove DBGI_SRAM address reset writing (git-fixes).\n- ixgbe: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- ixgbe: ensure IPsec VF - PF compatibility (git-fixes).\n- ixgbe: respect metadata on XSK Rx to skb (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- jbd2: Fake symbols defined under CONFIG_JBD2_DEBUG (bsc#1198971).\n- jfs: fix divide error in dbNextAG (bsc#1200828).\n- kABI: fix change of iscsi_host_remove() arguments (bsc#1198410).\n- kABI: Fix kABI after \u0027x86/mm/cpa: Generalize __set_memory_enc_pgtable()\u0027 (jsc#SLE-19924).\n- kABI fix of sysctl_run_estimation (git-fixes).\n- kABI: fix removal of iscsi_destroy_conn (bsc#1198410).\n- kABI: fix rndis_parameters locking (git-fixes).\n- kABI: ivtv: restore caps member (git-fixes).\n- kabi/severities: add exception for bcache symboles\n- kabi/severities: allow dropping a few invalid exported symbols (bsc#1201218)\n- kabi/severities: Ignore arch/x86/kvm except for kvm_x86_ops Handle this like in previous SLE kernels.\n- kABI workaround for fxls8962af iio accel drivers (git-fixes).\n- kABI workaround for pci quirks (git-fixes).\n- kconfig: fix failing to generate auto.conf (git-fixes).\n- kconfig: let \u0027shell\u0027 return enough output for deep path names (git-fixes).\n- kernel/fork: Initialize mm\u0027s PASID (jsc#SLE-24350).\n- kernel/resource: Introduce request_mem_region_muxed() (git-fixes).\n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (git-fixes).\n- KEYS: asymmetric: enforce that sig algo matches key algo (git-fixes).\n- KEYS: asymmetric: properly validate hash_algo and encoding (git-fixes).\n- KEYS: fix length validation in keyctl_pkey_params_get_2() (git-fixes).\n- KEYS: trusted: Avoid calling null function trusted_key_exit (git-fixes).\n- KEYS: trusted: Fix trusted key backends when building as module (git-fixes).\n- KEYS: trusted: tpm2: Fix migratable logic (git-fixes).\n- kprobes: Add kretprobe_find_ret_addr() for searching return address (bsc#1193277).\n- kprobes: Enable stacktrace from pt_regs in kretprobe handler (bsc#1193277).\n- kprobes: treewide: Cleanup the error messages for kprobes (bsc#1193277).\n- kprobes: treewide: Make it harder to refer kretprobe_trampoline directly (bsc#1193277).\n- kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler() (bsc#1193277).\n- kprobes: treewide: Replace arch_deref_entry_point() with dereference_symbol_descriptor() (bsc#1193277).\n- kprobes: treewide: Use \u0027kprobe_opcode_t *\u0027 for the code address in get_optimized_kprobe() (bsc#1193277).\n- kselftest/arm64: bti: force static linking (git-fixes).\n- kunit: tool: Import missing importlib.abc (git-fixes).\n- KVM: arm64: Avoid consuming a stale esr value when SError occur (git-fixes).\n- KVM: arm64: Drop unused workaround_flags vcpu field (git-fixes).\n- KVM: arm64: pkvm: Use the mm_ops indirection for cache maintenance (git-fixes).\n- KVM: arm64: Use shadow SPSR_EL1 when injecting exceptions on !VHE (git-fixes).\n- KVM: Clean up benign vcpu-\u003ecpu data races when kicking vCPUs (git-fixes).\n- KVM: Ensure local memslot copies operate on up-to-date arch-specific data (git-fixes).\n- KVM: fix wrong exception emulation in check_rdtsc (git-fixes).\n- KVM: LAPIC: Drop pending LAPIC timer injection when canceling the timer (git-fixes).\n- KVM: nVMX: Abide to KVM_REQ_TLB_FLUSH_GUEST request on nested vmentry/vmexit (git-fixes).\n- KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault (git-fixes).\n- KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants \u0027em (git-fixes).\n- KVM: nVMX: Emulate guest TLB flush on nested VM-Enter with new vpid12 (git-fixes).\n- KVM: nVMX: Ensure vCPU honors event request if posting nested IRQ fails (git-fixes).\n- KVM: nVMX: Flush current VPID (L1 vs. L2) for KVM_REQ_TLB_FLUSH_GUEST (git-fixes).\n- KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry (git-fixes).\n- KVM: PPC: Fix TCE handling for VFIO (bsc#1061840 git-fixes).\n- KVM: s390: Ensure kvm_arch_no_poll() is read once when blocking vCPU (git-fixes).\n- KVM: s390: pv: add macros for UVC CC values (git-fixes).\n- KVM: s390: pv: avoid stalls when making pages secure (git-fixes).\n- KVM: s390: vsie/gmap: reduce gmap_rmap overhead (git-fixes).\n- KVM: selftests: Do not skip L2\u0027s VMCALL in SMM test for SVM guest (bsc#1194523).\n- KVM: selftests: Re-enable access_tracking_perf_test (bsc#1194526).\n- KVM: SEV: accept signals in sev_lock_two_vms (bsc#1194526).\n- KVM: SEV: do not take kvm-\u003elock when destroying (bsc#1194526).\n- KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary (bsc#1194526).\n- KVM: SEV: Mark nested locking of kvm-\u003elock (bsc#1194526).\n- KVM: SEV: Return appropriate error codes if SEV-ES scratch setup fails (bsc#1194526).\n- KVM: SVM: Allow AVIC support on system w/ physical APIC ID \u003e 255 (bsc#1193823).\n- KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure (bsc#1194526).\n- KVM: SVM: drop unnecessary code in svm_hv_vmcb_dirty_nested_enlightenments() (git-fixes).\n- KVM: SVM: Emulate #INIT in response to triple fault shutdown (git-fixes).\n- KVM: SVM: Fix kvm_cache_regs.h inclusions for is_guest_mode() (git-fixes).\n- KVM: SVM: hyper-v: Enable Enlightened MSR-Bitmap support for real (git-fixes).\n- KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests (git-fixes).\n- KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak (git-fixes).\n- KVM: VMX: Do not unblock vCPU w/ Posted IRQ if IRQs are disabled in guest (git-fixes).\n- KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0() (git-fixes).\n- KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted guest (git-fixes).\n- KVM: VMX: Read Posted Interrupt \u0027control\u0027 exactly once per loop iteration (git-fixes).\n- KVM: VMX: Refresh list of user return MSRs after setting guest CPUID (git-fixes).\n- KVM: VMX: Remove defunct \u0027nr_active_uret_msrs\u0027 field (git-fixes).\n- KVM: VMX: Set failure code in prepare_vmcs02() (git-fixes).\n- KVM: VMX: Skip pointless MSR bitmap update when setting EFER (git-fixes).\n- KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this vCPU (git-fixes).\n- KVM: x86: Assume a 64-bit hypercall for guests with protected state (git-fixes).\n- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (git-fixes).\n- KVM: x86: Do not force set BSP bit when local APIC is managed by userspace (git-fixes).\n- KVM: x86: Do not mark all registers as avail/dirty during RESET/INIT (git-fixes).\n- KVM: x86: do not print when fail to read/write pv eoi memory (git-fixes).\n- KVM: x86: Drop guest CPUID check for host initiated writes to MSR_IA32_PERF_CAPABILITIES (git-fixes).\n- KVM: x86: Drop WARNs that assert a triple fault never \u0027escapes\u0027 from L2 (git-fixes).\n- KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() (git-fixes).\n- KVM: X86: Ensure that dirty PDPTRs are loaded (git-fixes).\n- KVM: x86: Exit to userspace if emulation prepared a completion callback (git-fixes).\n- KVM: x86: Fix emulation in writing cr8 (git-fixes).\n- KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (git-fixes).\n- KVM: x86: Fix uninitialized eoi_exit_bitmap usage in vcpu_load_eoi_exitmap() (git-fixes).\n- KVM: x86: Handle 32-bit wrap of EIP for EMULTYPE_SKIP with flat code seg (git-fixes).\n- KVM: x86: hyper-v: Fix the maximum number of sparse banks for XMM fast TLB flush hypercalls (git-fixes).\n- KVM: x86: Ignore sparse banks size for an \u0027all CPUs\u0027, non-sparse IPI req (git-fixes).\n- KVM: x86: Mark all registers as avail/dirty at vCPU creation (git-fixes).\n- KVM: x86: Migrate the PIT only if vcpu0 is migrated, not any BSP (git-fixes).\n- KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP MMU (git-fixes).\n- KVM: x86/mmu: Complete prefetch for trailing SPTEs for direct, legacy MMU (git-fixes).\n- KVM: x86/mmu: Fix TLB flush range when handling disconnected pt (git-fixes).\n- KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU (git-fixes).\n- KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (git-fixes).\n- KVM: x86/mmu: Pass parameter flush as false in kvm_tdp_mmu_zap_collapsible_sptes() (git-fixes).\n- KVM: x86/mmu: Remove spurious TLB flushes in TDP MMU zap collapsible path (git-fixes).\n- KVM: x86/mmu: Skip tlb flush if it has been done in zap_gfn_range() (git-fixes).\n- KVM: x86/mmu: Update number of zapped pages even if page list is stable (git-fixes).\n- KVM: x86/mmu: Use yield-safe TDP MMU root iter in MMU notifier unmapping (git-fixes).\n- KVM: x86: nSVM: restore the L1 host state prior to resuming nested guest on SMM exit (git-fixes).\n- KVM: x86: nSVM: skip eax alignment check for non-SVM instructions (git-fixes).\n- KVM: x86: nSVM: test eax for 4K alignment for GP errata workaround (git-fixes).\n- KVM: x86: Pend KVM_REQ_APICV_UPDATE during vCPU creation to fix a race (git-fixes).\n- KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register (git-fixes).\n- KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW (git-fixes).\n- KVM: x86: Register Processor Trace interrupt hook iff PT enabled in guest (git-fixes).\n- KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs (git-fixes).\n- KVM: x86: SVM: do not set VMLOAD/VMSAVE intercepts on vCPU reset (git-fixes).\n- KVM: x86: SVM: fix avic spec based definitions again (bsc#1193823 jsc#SLE-24549).\n- KVM: x86: SVM: move avic definitions from AMD\u0027s spec to svm.h (bsc#1193823 jsc#SLE-24549).\n- KVM: X86: Synchronize the shadow pagetable before link it (git-fixes).\n- KVM: x86: Update vCPU\u0027s runtime CPUID on write to MSR_IA32_XSS (git-fixes).\n- KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB flush hypercall (git-fixes).\n- lib: bitmap: fix many kernel-doc warnings (git-fixes).\n- libbpf: Free up resources used by inner map definition (git-fixes).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (git-fixes).\n- libsubcmd: Fix use-after-free for realloc(..., 0) (git-fixes).\n- linux/dim: Fix divide by 0 in RDMA DIM (git-fixes).\n- list: fix a data-race around ep-\u003erdllist (git-fixes).\n- list: introduce list_is_head() helper and re-use it in list.h (git-fixes).\n- list: test: Add a test for list_is_head() (git-fixes).\n- livepatch: Do not block removal of patches that are safe to unload (bsc#1071995).\n- locking: Make owner_on_cpu() into linux/sched.h (bsc#1190137 bsc#1189998).\n- locking: Remove rt_rwlock_is_contended() (bsc#1190137 bsc#1189998).\n- locking/rtmutex: Add rt_mutex_lock_nest_lock() and rt_mutex_lock_killable() (bsc#1190137 bsc#1189998).\n- locking/rtmutex: Squash self-deadlock check for ww_rt_mutex (bsc#1190137 bsc#1189998).\n- locking/rwlocks: introduce write_lock_nested (bsc#1189998).\n- LSM: general protection fault in legacy_parse_param (git-fixes).\n- lz4: fix LZ4_decompress_safe_partial read out of bound (git-fixes).\n- mac80211: fix EAPoL rekey fail in 802.3 rx path (git-fixes).\n- mac80211: fix forwarded mesh frames AC and queue selection (git-fixes).\n- mac80211: fix potential double free on mesh join (git-fixes).\n- mac80211: fix rx reordering with non explicit / psmp ack policy (git-fixes).\n- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mac80211: minstrel_ht: fix where rate stats are stored (fixes debugfs output) (git-fixes).\n- mac80211: mlme: check for null after calling kmemdup (git-fixes).\n- mac80211: refuse aggregations sessions before authorized (git-fixes).\n- mac80211: Remove a couple of obsolete TODO (git-fixes).\n- mac80211: Reset MBSSID parameters upon connection (git-fixes).\n- mac80211: treat some SAE auth steps as final (git-fixes).\n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (git-fixes).\n- macvlan: Fix leaking skb in source mode with nodst option (git-fixes).\n- mailbox: change mailbox-mpfs compatible string (git-fixes).\n- mailbox: imx: fix crash in resume on i.mx8ulp (git-fixes).\n- mailbox: imx: fix wakeup failure from freeze mode (git-fixes).\n- mailbox: tegra-hsp: Flush whole channel (git-fixes).\n- maple: fix wrong return value of maple_bus_init() (git-fixes).\n- md: Do not set mddev private to NULL in raid0 pers-\u003efree (git-fixes).\n- md: fix an incorrect NULL check in does_sb_need_changing (git-fixes).\n- md: fix an incorrect NULL check in md_reload_sb (git-fixes).\n- md: fix double free of io_acct_set bioset (git-fixes).\n- md: fix update super 1.0 on rdev size change (git-fixes).\n- md: Move alloc/free acct bioset in to personality (git-fixes).\n- md/raid5: play nice with PREEMPT_RT (bsc#1189998).\n- media: aspeed: Correct value for h-total-pixels (git-fixes).\n- media: atmel: atmel-isc-base: report frame sizes as full supported range (git-fixes).\n- media: atmel: atmel-isc: Fix PM disable depth imbalance in atmel_isc_probe (git-fixes).\n- media: atmel: atmel-sama5d2-isc: fix wrong mask in YUYV format check (git-fixes).\n- media: atmel: atmel-sama7g5-isc: fix ispck leftover (git-fixes).\n- media: atomisp: fix bad usage at error handling logic (git-fixes).\n- media: atomisp: fix dummy_ptr check to avoid duplicate active_bo (git-fixes).\n- media: atomisp_gmin_platform: Add DMI quirk to not turn AXP ELDO2 regulator off on some boards (git-fixes).\n- media: bttv: fix WARNING regression on tunerless devices (git-fixes).\n- media: camss: csid-170: do not enable unused irqs (git-fixes).\n- media: camss: csid-170: fix non-10bit formats (git-fixes).\n- media: camss: csid-170: remove stray comment (git-fixes).\n- media: camss: csid-170: set the right HALT_CMD when disabled (git-fixes).\n- media: camss: vfe-170: fix \u0027VFE halt timeout\u0027 error (git-fixes).\n- media: ccs-core.c: fix failure to call clk_disable_unprepare (git-fixes).\n- media: cec-adap.c: fix is_configuring state (git-fixes).\n- media: cedrus: h264: Fix neighbour info buffer size (git-fixes).\n- media: cedrus: H265: Fix neighbour info buffer size (git-fixes).\n- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).\n- media: cx25821: Fix the warning when removing the module (git-fixes).\n- media: cx88-mpeg: clear interrupt status register before streaming video (git-fixes).\n- media: davinci: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM enable (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).\n- media: davinci: vpif: fix use-after-free on driver unbind (git-fixes).\n- media: doc: pixfmt-rgb: Fix V4L2_PIX_FMT_BGR24 format description (git-fixes).\n- media: doc: pixfmt-yuv: Fix V4L2-PIX-FMT-Y10P format (git-fixes).\n- media: em28xx: initialize refcount before kref_get (git-fixes).\n- media: gpio-ir-tx: fix transmit with long spaces on Orange Pi PC (git-fixes).\n- media: hantro: Empty encoder capture buffers by default (git-fixes).\n- media: hantro: Fix overfill bottom register field name (git-fixes).\n- media: hantro: HEVC: Fix tile info buffer value computation (git-fixes).\n- media: hantro: HEVC: unconditionnaly set pps_{cb/cr}_qp_offset values (git-fixes).\n- media: hdpvr: initialize dev-\u003eworker at hdpvr_register_videodev (git-fixes).\n- media: i2c: max9286: fix kernel oops when removing module (git-fixes).\n- media: i2c: max9286: Use dev_err_probe() helper (git-fixes).\n- media: i2c: max9286: Use \u0027maxim,gpio-poc\u0027 property (git-fixes).\n- media: i2c: ov5648: Fix lockdep error (git-fixes).\n- media: i2c: ov5648: fix wrong pointer passed to IS_ERR() and PTR_ERR() (git-fixes).\n- media: i2c: rdacm2x: properly set subdev entity function (git-fixes).\n- media: imon: reorganize serialization (git-fixes).\n- media: imx-jpeg: fix a bug of accessing array out of bounds (git-fixes).\n- media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers (git-fixes).\n- media: iommu/mediatek: Add device_link between the consumer and the larb devices (git-fixes).\n- media: iommu/mediatek: Return ENODEV if the device is NULL (git-fixes).\n- media: iommu/mediatek-v1: Free the existed fwspec if the master dev already has (git-fixes).\n- media: ir_toy: free before error exiting (git-fixes).\n- media: media-entity.h: Fix documentation for media_create_intf_link (git-fixes).\n- media: mexon-ge2d: fixup frames size in registers (git-fixes).\n- media: mtk-vcodec: potential dereference of null pointer (git-fixes).\n- media: omap3isp: Use struct_group() for memcpy() region (git-fixes).\n- media: ov5640: Fix set format, v4l2_mbus_pixelcode not updated (git-fixes).\n- media: ov5648: Do not pack controls struct (git-fixes).\n- media: ov6650: Add try support to selection API operations (git-fixes).\n- media: ov6650: Fix crop rectangle affected by set format (git-fixes).\n- media: ov6650: Fix set format try processing path (git-fixes).\n- media: ov7670: remove ov7670_power_off from ov7670_remove (git-fixes).\n- media: pci: cx23885: Fix the error handling in cx23885_initdev() (git-fixes).\n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (git-fixes).\n- media: Revert \u0027media: em28xx: add missing em28xx_close_extension\u0027 (git-fixes).\n- media: rga: fix possible memory leak in rga_probe (git-fixes).\n- media: rkvdec: h264: Fix bit depth wrap in pps packet (git-fixes).\n- media: rkvdec: h264: Fix dpb_valid implementation (git-fixes).\n- media: rkvdec: Stop overclocking the decoder (git-fixes).\n- media: rockchip/rga: do proper error checking in probe (git-fixes).\n- media: saa7134: fix incorrect use to determine if list is empty (git-fixes).\n- media: staging: media: imx: imx7-mipi-csis: Make subdev name unique (git-fixes).\n- media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).\n- media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com (git-fixes).\n- media: staging: media: zoran: fix usage of vb2_dma_contig_set_max_seg_size (git-fixes).\n- media: staging: media: zoran: fix various V4L2 compliance errors (git-fixes).\n- media: staging: media: zoran: move videodev alloc (git-fixes).\n- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).\n- media: ti-vpe: cal: Fix a NULL pointer dereference in cal_ctx_v4l2_init_formats() (git-fixes).\n- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).\n- media: uvcvideo: Fix missing check to determine if element is found in list (git-fixes).\n- media: v4l2-core: Initialize h264 scaling matrix (git-fixes).\n- media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls (git-fixes).\n- media: v4l: Avoid unaligned access warnings when printing 4cc modifiers (git-fixes).\n- media: venus: hfi: avoid null dereference in deinit (git-fixes).\n- media: venus: hfi_cmds: List HDR10 property as unsupported for v1 and v3 (git-fixes).\n- media: videobuf2: Fix the size printk format (git-fixes).\n- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).\n- media: vidtv: Check for null return of vzalloc (git-fixes).\n- mei: avoid iterator usage outside of list_for_each_entry (git-fixes).\n- mei: hbm: drop capability response on early shutdown (git-fixes).\n- mei: me: add Alder Lake N device id (git-fixes).\n- mei: me: add raptor lake point S DID (git-fixes).\n- mei: me: disable driver on the ign firmware (git-fixes).\n- memblock: fix memblock_phys_alloc() section mismatch error (git-fixes).\n- memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe (git-fixes).\n- memory: emif: Add check for setup_interrupts (git-fixes).\n- memory: emif: check the pointer temp in get_device_details() (git-fixes).\n- memory: fsl_ifc: populate child nodes of buses and mfd devices (git-fixes).\n- memory: mtk-smi: Add error handle for smi_probe (git-fixes).\n- memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode (git-fixes).\n- memory: renesas-rpc-if: fix platform-device leak in error path (git-fixes).\n- memory: samsung: exynos5422-dmc: Avoid some over memory allocation (git-fixes).\n- memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings (git-fixes).\n- mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (git-fixes).\n- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (git-fixes).\n- mfd: exynos-lpass: Drop unneeded syscon.h include (git-fixes).\n- mfd: ipaq-micro: Fix error check return value of platform_get_irq() (git-fixes).\n- mfd: mc13xxx: Add check for mc13xxx_irq_request (git-fixes).\n- mgag200 fix memmapsl configuration in GCTL6 register (git-fixes).\n- misc: alcor_pci: Fix an error handling path (git-fixes).\n- misc: atmel-ssc: Fix IRQ check in ssc_probe (git-fixes).\n- misc: fastrpc: avoid double fput() on failed usercopy (git-fixes).\n- misc: fastrpc: fix an incorrect NULL check on list iterator (git-fixes).\n- misc: ocxl: fix possible double free in ocxl_file_register_afu (git-fixes).\n- misc: rtsx: set NULL intfdata when probe fails (git-fixes).\n- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).\n- mISDN: Fix memory leak in dsp_pipeline_build() (git-fixes).\n- mlx5: kabi protect lag_mp (git-fixes).\n- mlxsw: spectrum: Protect driver from buggy firmware (git-fixes).\n- mm: Add fault_in_subpage_writeable() to probe at sub-page granularity (git-fixes)\n- mmc: block: Check for errors after write on SPI (git-fixes).\n- mmc: block: Fix CQE recovery reset success (git-fixes).\n- mmc: block: fix read single on recovery logic (git-fixes).\n- mmc: core: Allows to override the timeout value for ioctl() path (git-fixes).\n- mmc: core: Fixup support for writeback-cache for eMMC and SD (git-fixes).\n- mmc: core: Set HS clock speed before sending HS CMD13 (git-fixes).\n- mmc: core: Wait for command setting \u0027Power Off Notification\u0027 bit to complete (git-fixes).\n- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).\n- mm: Change CONFIG option for mm-\u003epasid field (jsc#SLE-24350).\n- mmc: host: Return an error when -\u003eenable_sdio_irq() ops is missing (git-fixes).\n- mmc: jz4740: Apply DMA engine limits to maximum segment size (git-fixes).\n- mm/cma: provide option to opt out from exposing pages on activation failure (bsc#1195099 ltc#196102).\n- mmc: mediatek: wait dma stop bit reset to 0 (git-fixes).\n- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).\n- mmc: mmci: stm32: correctly check all elements of sg list (git-fixes).\n- mmc: renesas_sdhi: do not overwrite TAP settings when HS400 tuning is complete (git-fixes).\n- mmc: rtsx: add 74 Clocks in power on flow (git-fixes).\n- mmc: rtsx: Fix build errors/warnings for unused variable (git-fixes).\n- mmc: rtsx: Let MMC core handle runtime PM (git-fixes).\n- mmc: rtsx: Use pm_runtime_{get,put}() to handle runtime PM (git-fixes).\n- mmc: sdhci_am654: Fix the driver data of AM64 SoC (git-fixes).\n- mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC (git-fixes).\n- mmc: sdhci-of-esdhc: Check for error num after setting mask (git-fixes).\n- mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing (git-fixes).\n- mmc: sunxi-mmc: Fix DMA descriptors allocated above 32 bits (git-fixes).\n- mm: fs: fix lru_cache_disabled race in bh_lru (bsc#1197761).\n- mm: Fully initialize invalidate_lock, amend lock class later (bsc#1197921).\n- mm: memcg: synchronize objcg lists with a dedicated spinlock (bsc#1198402).\n- mm/page_alloc: always attempt to allocate at least one page during bulk allocation (git fixes (mm/pgalloc)).\n- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).\n- mm, page_alloc: fix build_zonerefs_node() (git-fixes).\n- mm/scatterlist: replace the !preemptible warning in sg_miter_stop() (bsc#1189998).\n- mm/slub: add missing TID updates on slab deactivation (git-fixes).\n- mm, thp: fix incorrect unmap behavior for private pages (bsc#1198024).\n- mm, thp: lock filemap when truncating page cache (bsc#1198023).\n- mm/vmalloc: fix comments about vmap_area struct (git-fixes).\n- mm_zone: add function to check if managed dma zone exists (bsc#1197501).\n- modpost: fix removing numeric suffixes (git-fixes).\n- modpost: fix section mismatch check for exported init/exit sections (git-fixes).\n- modpost: fix undefined behavior of is_arm_mapping_symbol() (git-fixes).\n- modpost: restore the warning message for missing symbol versions (git-fixes).\n- mptcp: add missing documented NL params (git-fixes).\n- mt76: connac: fix sta_rec_wtbl tag len (git-fixes).\n- mt76: dma: initialize skip_unmap in mt76_dma_rx_fill (git-fixes).\n- mt76: do not attempt to reorder received 802.3 packets without agg session (git-fixes).\n- mt76: fix encap offload ethernet type check (git-fixes).\n- mt76: fix monitor mode crash with sdio driver (git-fixes).\n- mt76: Fix undefined behavior due to shift overflowing the constant (git-fixes).\n- mt76: mt7603: check sta_rates pointer in mt7603_sta_rate_tbl_update (git-fixes).\n- mt76: mt7615: check sta_rates pointer in mt7615_sta_rate_tbl_update (git-fixes).\n- mt76: mt7615: fix a leftover race in runtime-pm (git-fixes).\n- mt76: mt7615: Fix assigning negative values to unsigned variable (git-fixes).\n- mt76: mt7915: fix injected MPDU transmission to not use HW A-MSDU (git-fixes).\n- mt76: mt7915: use proper aid value in mt7915_mcu_sta_basic_tlv (git-fixes).\n- mt76: mt7915: use proper aid value in mt7915_mcu_wtbl_generic_tlv in sta mode (git-fixes).\n- mt76: mt7921: accept rx frames with non-standard VHT MCS10-11 (git-fixes).\n- mt76: mt7921e: fix possible probe failure after reboot (bsc#1198835).\n- mt76: mt7921: fix a leftover race in runtime-pm (git-fixes).\n- mt76: mt7921: fix crash when startup fails (git-fixes).\n- mt76: mt7921: fix mt7921_queues_acq implementation (git-fixes).\n- mt76: mt7921: Fix the error handling path of mt7921_pci_probe() (git-fixes).\n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (git-fixes).\n- mtd: mchp23k256: Add SPI ID table (git-fixes).\n- mtd: mchp48l640: Add SPI ID table (git-fixes).\n- mtd: onenand: Check for error irq (git-fixes).\n- mtd: parsers: qcom: Fix kernel panic on skipped partition (git-fixes).\n- mtd: parsers: qcom: Fix missing free for pparts in cleanup (git-fixes).\n- mtd: phram: Prevent divide by zero bug in phram_setup() (git-fixes).\n- mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (git-fixes).\n- mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status (git-fixes).\n- mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() (git-fixes).\n- mtd: rawnand: denali: Use managed device resources (git-fixes).\n- mtd: rawnand: fix ecc parameters for mt7622 (git-fixes).\n- mtd: rawnand: Fix return value check of wait_for_completion_timeout (git-fixes).\n- mtd: rawnand: gpmi: do not leak PM reference in error path (git-fixes).\n- mtd: rawnand: gpmi: fix controller timings setting (git-fixes).\n- mtd: rawnand: gpmi: Fix setting busy timeout setting (git-fixes).\n- mtd: rawnand: ingenic: Fix missing put_device in ingenic_ecc_get (git-fixes).\n- mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() (git-fixes).\n- mtd: rawnand: pl353: Set the nand chip node as the flash node (git-fixes).\n- mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() (git-fixes).\n- mtd: rawnand: qcom: fix memory corruption that causes panic (git-fixes).\n- mtd: spinand: gigadevice: fix Quad IO for GD5F1GQ5UExxG (git-fixes).\n- mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check() (git-fixes).\n- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (git-fixes).\n- n64cart: convert bi_disk to bi_bdev-\u003ebd_disk fix build (git-fixes).\n- natsemi: sonic: stop calling netdev_boot_setup_check (git-fixes).\n- net: asix: add proper error handling of usb read errors (git-fixes).\n- net: atlantic: Avoid out-of-bounds indexing (git-fixes).\n- net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg (git-fixes).\n- net: axienet: setup mdio unconditionally (git-fixes).\n- net: bnxt_ptp: fix compilation error (bsc#1199736).\n- net: dev: Always serialize on Qdisc::busylock in __dev_xmit_skb() on PREEMPT_RT (bsc#1189998).\n- net: dev: Change the order of the arguments for the contended condition (bsc#1189998).\n- net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove (git-fixes).\n- net: dpaa_eth: remove dead select in menuconfig FSL_DPAA_ETH (git-fixes).\n- net: dsa: be compatible with masters which unregister on shutdown (git-fixes).\n- net: dsa: hellcreek: be compatible with masters which unregister on shutdown (git-fixes).\n- net: dsa: microchip: ksz8863: be compatible with masters which unregister on shutdown (git-fixes).\n- net: dsa: xrs700x: be compatible with masters which unregister on shutdown (git-fixes).\n- net: ethernet: lantiq_etop: fix build errors/warnings (git-fixes).\n- net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init() (git-fixes).\n- net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag (git-fixes).\n- net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (git-fixes).\n- net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks (git-fixes).\n- netfilter: conntrack: move synack init code to helper (bsc#1199035).\n- netfilter: conntrack: re-init state for retransmitted syn-ack (bsc#1199035).\n- netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options (bsc#1199035).\n- netfilter: nf_conntrack_tcp: re-init for syn packets only (bsc#1199035).\n- net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() (git-fixes).\n- net: hns3: add NULL pointer check for hns3_set/get_ringparam() (git-fixes).\n- net: hns3: add return value for mailbox handling in PF (bsc#1190336).\n- net: hns3: add validity check for message data length (git-fixes).\n- net: hns3: add vlan list lock to protect vlan list (git-fixes).\n- net: hns3: align the debugfs output to the left (git-fixes).\n- net: hns3: clear inited state and stop client after failed to register netdev (git-fixes).\n- net: hns3: fix bug when PF set the duplicate MAC address for VFs (git-fixes).\n- net: hns3: fix phy can not link up when autoneg off and reset (git-fixes).\n- net: hns3: fix port base vlan add fail when concurrent with reset (git-fixes).\n- net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware (git-fixes).\n- net: hns3: handle empty unknown interrupt for VF (git-fixes).\n- net: hns3: modify the return code of hclge_get_ring_chain_from_mbx (git-fixes).\n- net: hns3: refine the process when PF set VF VLAN (git-fixes).\n- net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes).\n- net/ice: Add support for enable_iwarp and enable_roce devlink param (bsc#1200502).\n- net/ice: Fix boolean assignment (bsc#1200502).\n- net/ice: Remove unused enum (bsc#1200502).\n- net: ipa: disable HOLB drop when updating timer (git-fixes).\n- net: ipa: HOLB register sometimes must be written twice (git-fixes).\n- net/ipa: ipa_resource: Fix wrong for loop range (git-fixes).\n- net: ipv6: unexport __init-annotated seg6_hmac_init() (bsc#1201218).\n- net: ipv6: unexport __init-annotated seg6_hmac_net_init() (bsc#1201218).\n- net: macb: Align the dma and coherent dma masks (git-fixes).\n- net: mana: Add counter for packet dropped by XDP (bsc#1195651).\n- net: mana: Add counter for XDP_TX (bsc#1195651).\n- net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).\n- net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe() (bsc#1195651).\n- net: mana: Reuse XDP dropped page (bsc#1195651).\n- net: mana: Use struct_size() helper in mana_gd_create_dma_region() (bsc#1195651).\n- net: marvell: mvpp2: increase MTU limit when XDP enabled (git-fixes).\n- net: marvell: prestera: fix double free issue on err path (git-fixes).\n- net: mdio: do not defer probe forever if PHY IRQ provider is missing (git-fixes).\n- net: mdio: unexport __init-annotated mdio_bus_init() (bsc#1201218).\n- net/mlx5: Avoid double clear or set of sync reset requested (git-fixes).\n- net/mlx5: Bridge, ensure dev_name is null-terminated (git-fixes).\n- net/mlx5: Bridge, Fix devlink deadlock on net namespace deletion (git-fixes).\n- net/mlx5: Bridge, take rtnl lock in init error handler (git-fixes).\n- net/mlx5: DR, Cache STE shadow memory (git-fixes).\n- net/mlx5: DR, Do not allow match on IP w/o matching on full ethertype/ip_version (git-fixes).\n- net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte (jsc#SLE-19253).\n- net/mlx5: DR, Fix the threshold that defines when pool sync is initiated (git-fixes).\n- net/mlx5e: Add missing increment of count (jsc#SLE-19253).\n- net/mlx5e: Avoid field-overflowing memcpy() (git-fixes).\n- net/mlx5e: Avoid implicit modify hdr for decap drop rule (jsc#SLE-19253).\n- net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release (git-fixes).\n- net/mlx5e: Do not treat small ceil values as unlimited in HTB offload (git-fixes).\n- net/mlx5e: Fix broken SKB allocation in HW-GRO (jsc#SLE-19253).\n- net/mlx5e: Fix handling of wrong devices during bond netevent (git-fixes).\n- net/mlx5e: Fix module EEPROM query (git-fixes).\n- net/mlx5e: Fix the calling of update_buffer_lossy() API (git-fixes).\n- net/mlx5e: Fix trust state reset in reload (git-fixes).\n- net/mlx5e: Fix wrong calculation of header index in HW_GRO (jsc#SLE-19253).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: Fix wrong source vport matching on tunnel rule (jsc#SLE-19253).\n- net/mlx5e: IPsec: Fix crypto offload for non TCP/UDP encapsulated traffic (git-fixes).\n- net/mlx5e: IPsec: Fix tunnel mode crypto offload for non TCP/UDP traffic (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (git-fixes).\n- net/mlx5e: Lag, Do not skip fib events on current dst (git-fixes).\n- net/mlx5e: Lag, Fix fib_info pointer assignment (git-fixes).\n- net/mlx5e: Lag, Fix use-after-free in fib event handler (git-fixes).\n- net/mlx5e: Lag, Only handle events from highest priority multipath entry (git-fixes).\n- net/mlx5e: MPLSoUDP decap, fix check for unsupported matches (git-fixes).\n- net/mlx5e: SHAMPO, reduce TIR indication (jsc#SLE-19253).\n- net/mlx5: E-Switch, Fix uninitialized variable modact (git-fixes).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5e: Use struct_group() for memcpy() region (git-fixes).\n- net/mlx5: Fix a race on command flush flow (git-fixes).\n- net/mlx5: Fix deadlock in sync reset flow (git-fixes).\n- net/mlx5: Fix matching on inner TTC (jsc#SLE-19253).\n- net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE (jsc#SLE-19253).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix size field in bufferx_reg struct (git-fixes).\n- net/mlx5: Fix slab-out-of-bounds while reading resource dump menu (git-fixes).\n- net/mlx5: Fix tc max supported prio for nic mode (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5: Use del_timer_sync in fw reset flow of halting poll (git-fixes).\n- net: mvmdio: fix compilation warning (git-fixes).\n- net: netvsc: remove break after return (git-fixes).\n- net: phy: ax88772a: fix lost pause advertisement configuration (git-fixes).\n- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).\n- net: phy: correct spelling error of media in documentation (git-fixes).\n- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).\n- net: phy: dp83867: retrigger SGMII AN when link change (git-fixes).\n- net: phy: Fix race condition on link status change (git-fixes).\n- net: phy: marvell10g: fix return value on error (git-fixes).\n- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).\n- net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs (git-fixes).\n- net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs (git-fixes).\n- net: phy: mediatek: remove PHY mode check on MT7531 (git-fixes).\n- net: phy: meson-gxl: fix interrupt handling in forced mode (git-fixes).\n- net: phy: meson-gxl: improve link-up behavior (git-fixes).\n- net: phy: micrel: Allow probing without .driver_data (git-fixes).\n- net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (git-fixes).\n- net: phy: micrel: Pass .probe for KS8737 (git-fixes).\n- net: phy: mscc: Add MODULE_FIRMWARE macros (git-fixes).\n- net: phy: mscc-miim: reject clause 45 register accesses (git-fixes).\n- net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (git-fixes).\n- net: rose: fix UAF bugs caused by timer handler (git-fixes).\n- net: sfc: add missing xdp queue reinitialization (git-fixes).\n- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (git-fixes).\n- net: sfc: fix memory leak due to ptp channel (git-fixes).\n- net: sfc: fix using uninitialized xdp tx_queue (git-fixes).\n- net/smc: Avoid warning of possible recursive locking (git-fixes).\n- net/smc: fix connection leak (git-fixes).\n- net/smc: fixes for converting from \u0027struct smc_cdc_tx_pend **\u0027 to \u0027struct smc_wr_tx_pend_priv *\u0027 (git-fixes).\n- net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (git-fixes).\n- net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server (git-fixes).\n- net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client (git-fixes).\n- net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (git-fixes).\n- net/smc: postpone sk_refcnt increment in connect() (git-fixes).\n- net/smc: remove redundant re-assignment of pointer link (git-fixes).\n- net/smc: Remove unused function declaration (git-fixes).\n- net/smc: Reset conn-\u003elgr when link group registration fails (git-fixes).\n- net/smc: set ini-\u003esmcrv2.ib_dev_v2 to NULL if SMC-Rv2 is unavailable (git-fixes).\n- net/smc: sync err code when tcp connection was refused (git-fixes).\n- net/smc: Transfer remaining wait queue entries during fallback (git-fixes).\n- net/smc: Transitional solution for clcsock race issue (git-fixes).\n- net/smc: Use a mutex for locking \u0027struct smc_pnettable\u0027 (git-fixes).\n- net/smc: use memcpy instead of snprintf to avoid out of bounds read (git-fixes).\n- net: stmmac: fix gcc-10 -Wrestrict warning (git-fixes).\n- net: stmmac: Fix signed/unsigned wreckage (git-fixes).\n- net: stmmac: socfpga: add runtime suspend/resume callback for stratix10 platform (git-fixes).\n- net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (git-fixes).\n- net: usb: asix: do not force pause frames support (git-fixes).\n- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (git-fixes).\n- net: usb: ax88179_178a: Fix packet receiving (git-fixes).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).\n- Netvsc: Call hv_unmap_memory() in the netvsc_device_remove() (bsc#1183682).\n- net/x25: Fix null-ptr-deref caused by x25_disconnect (git-fixes).\n- net: xfrm: unexport __init-annotated xfrm4_protocol_init() (bsc#1201218).\n- nfc: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx (git-fixes).\n- nfc: nci: add flush_workqueue to prevent uaf (git-fixes).\n- nfc: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (git-fixes).\n- nfc: netlink: fix sleep in atomic bug when firmware download timeout (git-fixes).\n- nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (git-fixes).\n- nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (git-fixes).\n- nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (git-fixes).\n- nfc: NULL out the dev-\u003erfkill to prevent UAF (git-fixes).\n- NFC: nxp-nci: Do not issue a zero length i2c_master_read() (git-fixes).\n- nfc: pn533: Fix buggy cleanup order (git-fixes).\n- nfc: port100: fix use-after-free in port100_send_complete (git-fixes).\n- nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION (git-fixes).\n- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (git-fixes).\n- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (git-fixes).\n- nfp: checking parameter process for rx-usecs/tx-usecs is invalid (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nfp: flower: fix ida_idx not being released (git-fixes).\n- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).\n- NFSD: allow delegation state ids to be revoked and then freed (bsc#1192483).\n- NFSD: allow lock state ids to be revoked and then freed (bsc#1192483).\n- NFSD: allow open state ids to be revoked and then freed (bsc#1192483).\n- nfsd: destroy percpu stats counters after reply cache shutdown (git-fixes).\n- NFSD: do not admin-revoke NSv4.0 state ids (bsc#1192483).\n- NFSD: Fix a write performance regression (bsc#1197016).\n- NFSD: fix crash on COPY_NOTIFY with special stateid (git-fixes).\n- NFSD: Fix nsfd startup race (again) (git-fixes).\n- nfsd: Fix null-ptr-deref in nfsd_fill_super() (git-fixes).\n- NFSD: Fix READDIR buffer overflow (git-fixes).\n- NFSD: Fix the behavior of READ near OFFSET_MAX (bsc#1195957).\n- NFSD: Fix verifier returned in stable WRITEs (git-fixes).\n- NFSD: Fix zero-length NFSv3 WRITEs (git-fixes).\n- NFSD: more robust allocation failure handling in nfsd_file_cache_init (git-fixes).\n- NFSD: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).\n- NFS: Do not loop forever in nfs_do_recoalesce() (git-fixes).\n- NFS: Do not overfill uncached readdir pages (git-fixes).\n- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (git-fixes).\n- NFS: Do not report ENOSPC write errors twice (git-fixes).\n- NFS: Do not report errors from nfs_pageio_complete() more than once (git-fixes).\n- NFS: Do not report flush errors in nfs_write_end() (git-fixes).\n- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).\n- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).\n- NFS: do not store \u0027struct cred *\u0027 in struct nfs_access_entry (git-fixes).\n- NFSD: prepare for supporting admin-revocation of state (bsc#1192483).\n- NFSD: Replace use of rwsem with errseq_t (bsc#1196960).\n- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).\n- NFS: Ensure the server had an up to date ctime before renaming (git-fixes).\n- NFS: fix broken handling of the softreval mount option (git-fixes).\n- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).\n- NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (git-fixes).\n- NFS: Further fixes to the writeback error handling (git-fixes).\n- NFS: limit use of ACCESS cache for negative responses (bsc#1196570).\n- NFS: Memory allocation failures are not server fatal errors (git-fixes).\n- NFS: NFSv2/v3 clients should never be setting NFS_CAP_XATTR (git-fixes).\n- NFS: pass cred explicitly for access tests (git-fixes).\n- NFS: Remove an incorrect revalidation in nfs4_update_changeattr_locked() (git-fixes).\n- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).\n- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).\n- NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).\n- NFSv4.1 mark qualified async operations as MOVEABLE tasks (git-fixes).\n- NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).\n- NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).\n- NFSv4: Do not invalidate inode attributes on delegation return (git-fixes).\n- NFSv4: Fix another issue with a list iterator pointing to the head (git-fixes).\n- NFSv4: fix open failure with O_ACCMODE flag (git-fixes).\n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes).\n- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (git-fixes).\n- nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size (git-fixes).\n- nl80211: fix locking in nl80211_set_tx_bitrate_mask() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- nl80211: show SSID for P2P_GO interfaces (git-fixes).\n- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).\n- nl80211: validate S1G channel width (git-fixes).\n- ntb_hw_switchtec: Fix bug with more than 32 partitions (git-fixes).\n- ntb_hw_switchtec: Fix pff ioread to read into mmio_part_cfg_all (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- n_tty: wake up poll(POLLRDNORM) on receiving data (git-fixes).\n- nvme: add verbose error logging (bsc#1200567). Update config files.\n- nvme: also mark passthrough-only namespaces ready in nvme_update_ns_info (git-fixes).\n- nvme: do not return an error from nvme_configure_metadata (git-fixes).\n- nvme: expose cntrltype and dctype through sysfs (jsc#SLE-23643).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme: send uevent on connection up (jsc#SLE-23643).\n- objtool: Add frame-pointer-specific function ignore (bsc#1193277).\n- objtool: Fix code relocs vs weak symbols (git-fixes).\n- objtool: Fix type of reloc::addend (git-fixes).\n- objtool: Ignore unwind hints for ignored functions (bsc#1193277).\n- ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).\n- octeontx2-af: Add a \u0027rvu_free_bitmap()\u0027 function (gix-fixes).\n- octeontx2-af: Fix some memory leaks in the error handling path of \u0027cgx_lmac_init()\u0027 (git-fixes).\n- of: base: Fix phandle argument length mismatch error message (git-fixes).\n- of: base: Improve argument length mismatch error (git-fixes).\n- of/fdt: Do not worry about non-memory region overlap for no-map (git-fixes).\n- of: overlay: do not break notify on NOTIFY_{OK|STOP} (git-fixes).\n- of: Support more than one crash kernel regions for kexec -s (git-fixes).\n- of: unittest: 64 bit dma address test requires arch support (git-fixes).\n- of: unittest: fix warning on PowerPC frame size warning (git-fixes).\n- of: unittest: update text of expected warnings (git-fixes).\n- pahole 1.22 required for full BTF features. also recommend pahole for kernel-source to make the kernel buildable with standard config\n- PCI: aardvark: Add support for DEVCAP2, DEVCTL2, LNKCAP2 and LNKCTL2 registers on emulated bridge (git-fixes).\n- PCI: aardvark: Add support for ERR interrupt on emulated bridge (git-fixes).\n- PCI: aardvark: Add support for masking MSI interrupts (git-fixes).\n- PCI: aardvark: Add support for PME interrupts (git-fixes).\n- PCI: aardvark: Assert PERST# when unbinding driver (git-fixes).\n- PCI: aardvark: Clear all MSIs at setup (git-fixes).\n- PCI: aardvark: Comment actions in driver remove method (git-fixes).\n- PCI: aardvark: Disable bus mastering when unbinding driver (git-fixes).\n- PCI: aardvark: Disable common PHY when unbinding driver (git-fixes).\n- PCI: aardvark: Disable link training when unbinding driver (git-fixes).\n- PCI: aardvark: Do not mask irq when mapping (git-fixes).\n- PCI: aardvark: Drop __maybe_unused from advk_pcie_disable_phy() (git-fixes).\n- PCI: aardvark: Enable MSI-X support (git-fixes).\n- PCI: aardvark: Fix memory leak in driver unbind (git-fixes).\n- PCI: aardvark: Fix reading MSI interrupt number (git-fixes).\n- PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge (git-fixes).\n- PCI: aardvark: Fix setting MSI address (git-fixes).\n- PCI: aardvark: Fix support for MSI interrupts (git-fixes).\n- PCI: aardvark: Fix support for PME requester on emulated bridge (git-fixes).\n- PCI: aardvark: Make msi_domain_info structure a static driver structure (git-fixes).\n- PCI: aardvark: Make MSI irq_chip structures static driver structures (git-fixes).\n- PCI: aardvark: Mask all interrupts when unbinding driver (git-fixes).\n- PCI: aardvark: Optimize writing PCI_EXP_RTCTL_PMEIE and PCI_EXP_RTSTA_PME on emulated bridge (git-fixes).\n- PCI: aardvark: Refactor unmasking summary MSI interrupt (git-fixes).\n- PCI: aardvark: Remove irq_mask_ack() callback for INTx interrupts (git-fixes).\n- PCI: aardvark: Replace custom PCIE_CORE_INT_* macros with PCI_INTERRUPT_* (git-fixes).\n- PCI: aardvark: Rewrite IRQ code to chained IRQ handler (git-fixes).\n- PCI: aardvark: Update comment about link going down after link-up (git-fixes).\n- PCI: aardvark: Use dev_fwnode() instead of of_node_to_fwnode(dev-\u003eof_node) (git-fixes).\n- PCI: aardvark: Use separate INTA interrupt for emulated root bridge (git-fixes).\n- PCI/ACPI: Allow D3 only if Root Port can signal and wake from D3 (git-fixes).\n- PCI: Add ACS quirk for Pericom PI7C9X2G switches (bsc#1199390).\n- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).\n- PCI: Avoid broken MSI on SB600 USB devices (git-fixes).\n- PCI: cadence: Fix find_first_zero_bit() limit (git-fixes).\n- PCI: dwc: Fix setting error return on MSI DMA mapping failure (git-fixes).\n- PCI: endpoint: Fix alignment fault error in copy tests (git-fixes).\n- PCI: endpoint: Fix misused goto label (git-fixes).\n- PCI: fu740: Force 2.5GT/s for initial device probe (git-fixes).\n- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314).\n- PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).\n- PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).\n- PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).\n- PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology (git-fixes).\n- PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845).\n- PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (git-fixes).\n- PCI: imx6: Fix PERST# start-up sequence (git-fixes).\n- PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken (git-fixes).\n- PCI: microchip: Fix potential race in interrupt handling (git-fixes).\n- PCI: mvebu: Fix configuring secondary bus of PCIe Root Port via emulated bridge (git-fixes).\n- PCI: mvebu: Fix device enumeration regression (git-fixes).\n- PCI: mvebu: Fix support for bus mastering and PCI_COMMAND on emulated bridge (git-fixes).\n- PCI: mvebu: Fix support for PCI_BRIDGE_CTL_BUS_RESET on emulated bridge (git-fixes).\n- PCI: mvebu: Setup PCIe controller to Root Complex mode (git-fixes).\n- PCI: pci-bridge-emul: Add definitions for missing capabilities registers (git-fixes).\n- PCI: pci-bridge-emul: Add description for class_revision field (git-fixes).\n- PCI: pciehp: Add Qualcomm quirk for Command Completed erratum (git-fixes).\n- PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).\n- PCI/PM: Power up all devices during runtime resume (git-fixes).\n- PCI: qcom: Fix runtime PM imbalance on probe errors (git-fixes).\n- PCI: qcom: Fix unbalanced PHY init on probe errors (git-fixes).\n- PCI: rockchip: Fix find_first_zero_bit() limit (git-fixes).\n- PCI/switchtec: Add Gen4 automotive device IDs (git-fixes).\n- PCI: Work around Intel I210 ROM BAR overlap defect (git-fixes).\n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (git-fixes).\n- perf: Copy perf_event_attr::sig_data on modification (git fixes).\n- perf/core: Do not pass task around when ctx sched in (git-fixes).\n- perf/core: Fix address filter parser for multiple filters (git fixes).\n- perf/core: Fix cgroup event list management (git fixes).\n- perf/core: Fix perf_cgroup_switch() (git fixes).\n- perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled (git fixes).\n- perf: Fix list corruption in perf_cgroup_switch() (git fixes).\n- perf/x86/intel/pt: Fix address filter config for 32-bit kernel (git fixes).\n- perf/x86/intel/pt: Fix crash with stop filters in single-range mode (git fixes).\n- perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (bsc#1197304).\n- perf/x86/intel: Update the FRONTEND MSR mask on Sapphire Rapids (git fixes).\n- phy: amlogic: fix error path in phy_g12a_usb3_pcie_probe() (git-fixes).\n- phy: amlogic: meson8b-usb2: fix shared reset control use (git-fixes).\n- phy: amlogic: meson8b-usb2: Use dev_err_probe() (git-fixes).\n- phy: amlogic: phy-meson-gxl-usb2: fix shared reset controller use (git-fixes).\n- phy: aquantia: Fix AN when higher speeds than 1G are not advertised (git-fixes).\n- phy: broadcom: Kconfig: Fix PHY_BRCM_USB config option (git-fixes).\n- phy: dphy: Correct clk_pre parameter (git-fixes).\n- phy: dphy: Correct lpx parameter and its derivatives(ta_{get,go,sure}) (git-fixes).\n- phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe (git-fixes).\n- phy: phy-brcm-usb: fixup BCM4908 support (git-fixes).\n- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (git-fixes).\n- phy: qcom-qmp: fix reset-controller leak on probe errors (git-fixes).\n- phy: qcom-qmp: fix struct clk leak on probe errors (git-fixes).\n- phy: samsung: exynos5250-sata: fix missing device put in probe error paths (git-fixes).\n- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe (git-fixes).\n- phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() (git-fixes).\n- phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe (git-fixes).\n- phy: ti: Fix missing sentinel for clk_div_table (git-fixes).\n- phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks (git-fixes).\n- phy: usb: Leave some clocks running during suspend (git-fixes).\n- phy: xilinx: zynqmp: Fix bus width setting for SGMII (git-fixes).\n- pinctrl: bcm2835: Fix a few error paths (git-fixes).\n- pinctrl: bcm63xx: fix unmet dependency on REGMAP for GPIO_REGMAP (git-fixes).\n- pinctrl: fix loop in k210_pinconf_get_drive() (git-fixes).\n- pinctrl: intel: Fix a glitch when updating IRQ flags on a preconfigured line (git-fixes).\n- pinctrl: intel: fix unexpected interrupt (git-fixes).\n- pinctrl: k210: Fix bias-pull-up (git-fixes).\n- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).\n- pinctrl: mediatek: moore: Fix build error (git-fixes).\n- pinctrl: mediatek: mt8195: enable driver on mtk platforms (git-fixes).\n- pinctrl: mediatek: mt8365: fix IES control pins (git-fixes).\n- pinctrl: mediatek: paris: Fix \u0027argument\u0027 argument type for mtk_pinconf_get() (git-fixes).\n- pinctrl: mediatek: paris: Fix PIN_CONFIG_BIAS_* readback (git-fixes).\n- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).\n- pinctrl: mediatek: paris: Skip custom extra pin config dump for virtual GPIOs (git-fixes).\n- pinctrl: microchip-sgpio: lock RMW access (git-fixes).\n- pinctrl: microchip sgpio: use reset driver (git-fixes).\n- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (git-fixes).\n- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).\n- pinctrl: npcm: Fix broken references to chip-\u003eparent_device (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).\n- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).\n- pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl (git-fixes).\n- pinctrl: pistachio: fix use of irq_of_parse_and_map() (git-fixes).\n- pinctrl: renesas: checker: Fix miscalculation of number of states (git-fixes).\n- pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (git-fixes).\n- pinctrl: renesas: r8a77470: Reduce size for narrow VIN1 channel (git-fixes).\n- pinctrl: renesas: r8a779a0: Fix GPIO function on I2C-capable pins (git-fixes).\n- pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() (git-fixes).\n- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).\n- pinctrl: rockchip: fix RK3308 pinmux bits (git-fixes).\n- pinctrl: samsung: drop pin banks references on error paths (git-fixes).\n- pinctrl: samsung: fix missing GPIOLIB on ARM64 Exynos config (git-fixes).\n- pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI (git-fixes).\n- pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested (git-fixes).\n- pinctrl: sunxi: fix f1c100s uart2 function (git-fixes).\n- pinctrl: sunxi: Fix H616 I2S3 pin data (git-fixes).\n- pinctrl: sunxi: Use unique lockdep classes for IRQs (git-fixes).\n- pinctrl: tegra: tegra194: drop unused pin groups (git-fixes).\n- pinctrl: tigerlake: Revert \u0027Add Alder Lake-M ACPI ID\u0027 (git-fixes).\n- ping: fix the sk_bound_dev_if match in ping_lookup (bsc#1195826).\n- ping: remove pr_err from ping_lookup (bsc#1195826).\n- pipe: Fix missing lock in pipe_resize_ring() (git-fixes).\n- platform/chrome: cros_ec_debugfs: detach log reader wq from devm (git-fixes).\n- platform/chrome: cros_ec: fix error handling in cros_ec_register() (git-fixes).\n- platform/chrome: cros_ec_typec: Check for EC device (git-fixes).\n- platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls (git-fixes).\n- platform: finally disallow IRQ0 in platform_get_irq() and its ilk (git-fixes).\n- platform/surface: aggregator: Fix initialization order when compiling as builtin module (git-fixes).\n- platform/surface: surface3-wmi: Simplify resource management (git-fixes).\n- platform/x86: Add Intel Software Defined Silicon driver (jsc#SLE-18938).\n- platform/x86: asus-wmi: Add support for custom fan curves (bsc#1198058).\n- platform/x86: asus-wmi: Delete impossible condition (bsc#1198058).\n- platform/x86: asus-wmi: Fix driver not binding when fan curve control probe fails (git-fixes).\n- platform/x86: asus-wmi: Fix regression when probing for fan curve control (bsc#1198058).\n- platform/x86: asus-wmi: Fix \u0027unsigned \u0027retval\u0027 is never less than zero\u0027 smatch warning (bsc#1198058).\n- platform/x86: asus-wmi: Potential buffer overflow in asus_wmi_evaluate_method_buf() (git-fixes).\n- platform/x86: gigabyte-wmi: Add support for B450M DS3H-CF (git-fixes).\n- platform/x86: gigabyte-wmi: Add Z690M AORUS ELITE AX DDR4 support (git-fixes).\n- platform/x86: huawei-wmi: check the return value of device_create_file() (git-fixes).\n- platform/x86: intel-hid: fix _DSM function index handling (git-fixes).\n- platform/x86/intel/sdsi: Fix bug in multi packet reads (jsc#SLE-18901).\n- platform/x86/intel/sdsi: Handle leaky bucket (jsc#SLE-18901).\n- platform/x86/intel/sdsi: Poll on ready bit for writes (jsc#SLE-18901).\n- platform/x86: panasonic-laptop: de-obfuscate button codes (git-fixes).\n- platform/x86: panasonic-laptop: do not report duplicate brightness key-presses (git-fixes).\n- platform/x86: panasonic-laptop: filter out duplicate volume up/down/mute keypresses (git-fixes).\n- platform/x86: panasonic-laptop: revert \u0027Resolve hotkey double trigger bug\u0027 (git-fixes).\n- platform/x86: panasonic-laptop: sort includes alphabetically (git-fixes).\n- platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative (git-fixes).\n- platform/x86: touchscreen_dmi: Add info for the RWC NANOTE P8 AY07J 2-in-1 (git-fixes).\n- PM: core: keep irq flags in device_pm_check_callbacks() (git-fixes).\n- PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (git-fixes).\n- PM / devfreq: rk3399_dmc: Disable edev on remove() (git-fixes).\n- PM: domains: Fix initialization of genpd\u0027s next_wakeup (git-fixes).\n- PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() (git-fixes).\n- PM: hibernate: fix __setup handler error handling (git-fixes).\n- PM: hibernate: Remove register_nosave_region_late() (git-fixes).\n- PM: s2idle: ACPI: Fix wakeup interrupts handling (git-fixes).\n- PM: suspend: fix return value of __setup handler (git-fixes).\n- PM: wakeup: simplify the output logic of pm_show_wakelocks() (git-fixes).\n- pNFS: Avoid a live lock condition in pnfs_update_layout() (git-fixes).\n- pNFS: Do not keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).\n- powerpc/64: Move paca allocation later in boot (bsc#1190812).\n- powerpc/64s: Add CPU_FTRS_POWER10 to ALWAYS mask (jsc#SLE-13521 git-fixes).\n- powerpc/64s: Add CPU_FTRS_POWER9_DD2_2 to CPU_FTRS_ALWAYS mask (bsc#1061840 git-fixes).\n- powerpc/64s: Do not use DSISR for SLB faults (bsc#1194869).\n- powerpc/64s/radix: Fix huge vmap false positive (bsc#1156395).\n- powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- powerpc/bpf: Update ldimm64 instructions during extra pass (bsc#1194869).\n- powerpc: Do not select HAVE_IRQ_EXIT_ON_IRQ_STACK (bsc#1194869).\n- powerpc: Enable the DAWR on POWER9 DD2.3 and above (bsc#1055117 ltc#159753).\n- powerpc/fadump: fix PT_LOAD segment for boot memory area (bsc#1103269 ltc#169948 git-fixes).\n- powerpc/fadump: opt out from freeing pages on cma activation failure (bsc#1195099 ltc#196102).\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/idle: Fix return value of __setup() handler (bsc#1065729).\n- powerpc/lib/sstep: Fix \u0027sthcx\u0027 instruction (bsc#1156395).\n- powerpc/mce: Modify the real address error logging messages (jsc#SLE-18194).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).\n- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).\n- powerpc/perf: Fix power10 event alternatives (jsc#SLE-13513 git-fixes).\n- powerpc/perf: Fix power9 event alternatives (bsc#1137728, LTC#178106, git-fixes).\n- powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending (bsc#1156395).\n- powerpc/perf: Fix the threshold compare group constraint for power10 (bsc#1194869).\n- powerpc/perf: Fix the threshold compare group constraint for power9 (bsc#1065729).\n- powerpc/powernv: Add __init attribute to eligible functions (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/powernv: Get L1D flush requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/powernv: Get STF barrier requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).\n- powerpc/pseries: Parse control memory access error (jsc#SLE-18194).\n- powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451).\n- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (bsc#1200343 ltc#198477).\n- powerpc: Set crashkernel offset to mid of RMA region (bsc#1190812).\n- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).\n- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).\n- powerpc/vdso: Fix incorrect CFI in gettimeofday.S (bsc#1199173 ltc#197388).\n- powerpc/vdso: Remove cvdso_call_time macro (bsc#1199173 ltc#197388).\n- powerpc/xive: Add a debugfs file to dump EQs (bsc#1194409 ltc#195810).\n- powerpc/xive: Add some error handling code to \u0027xive_spapr_init()\u0027 (git-fixes).\n- powerpc/xive: Change the debugfs file \u0027xive\u0027 into a directory (bsc#1194409 ltc#195810).\n- powerpc/xive: Export XIVE IPI information for online-only processors (bsc#1194409 ltc#195810).\n- powerpc/xive: Fix refcount leak in xive_spapr_init (git-fixes).\n- powerpc/xive: fix return value of __setup handler (bsc#1065729).\n- powerpc/xive: Introduce an helper to print out interrupt characteristics (bsc#1194409 ltc#195810).\n- powerpc/xive: Introduce xive_core_debugfs_create() (bsc#1194409 ltc#195810).\n- powerpc/xive: Rename the \u0027cpus\u0027 debugfs file to \u0027ipis\u0027 (bsc#1194409 ltc#195810).\n- power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe (git-fixes).\n- power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init (git-fixes).\n- power: supply: axp20x_battery: properly report current when discharging (git-fixes).\n- power: supply: axp288-charger: Set Vhold to 4.4V (git-fixes).\n- power: supply: axp288_fuel_gauge: Drop BIOS version check from \u0027T3 MRD\u0027 DMI quirk (git-fixes).\n- power: supply: axp288_fuel_gauge: Fix battery reporting on the One Mix 1 (git-fixes).\n- power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return (git-fixes).\n- power: supply: sbs-charger: Do not cancel work that is not initialized (git-fixes).\n- power: supply: wm8350-power: Add missing free in free_charger_irq (git-fixes).\n- power: supply: wm8350-power: Handle error for wm8350_register_irq (git-fixes).\n- pps: clients: gpio: Propagate return value from pps_gpio_probe (git-fixes).\n- printk: Add panic_in_progress helper (bsc#1197894).\n- printk: disable optimistic spin during panic (bsc#1197894).\n- proc: bootconfig: Add null pointer check (git-fixes).\n- proc: fix documentation and description of pagemap (git-fixes).\n- procfs: prevent unprivileged processes accessing fdinfo dir (git-fixes).\n- psi: fix \u0027defined but not used\u0027 warnings when (git-fixes)\n- ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE (bsc#1198413).\n- pvpanic: Fix typos in the comments (git-fixes).\n- pwm: lp3943: Fix duty calculation in case period was clamped (git-fixes).\n- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).\n- pwm: raspberrypi-poe: Fix endianness in firmware struct (git-fixes).\n- qed: display VF trust config (git-fixes).\n- qede: confirm skb is allocated before using (git-fixes).\n- qed: fix ethtool register dump (jsc#SLE-19001).\n- qed: return status of qed_iov_get_link (git-fixes).\n- qla2xxx: add -\u003emap_queues support for nvme (bsc#1195823).\n- qlcnic: dcb: default to returning -EOPNOTSUPP (git-fixes).\n- raid5: introduce MD_BROKEN (git-fixes).\n- random: check for signal_pending() outside of need_resched() check (git-fixes).\n- random: wake up /dev/random writers after zap (git-fixes).\n- random: wire up fops-\u003esplice_{read,write}_iter() (git-fixes).\n- ray_cs: Check ioremap return value (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (git-fixes).\n- RDMA/cma: Use correct address when leaving multicast group (git-fixes).\n- RDMA/core: Fix ib_qp_usecnt_dec() called when error (jsc#SLE-19249).\n- RDMA/core: Set MR type in ib_reg_user_mr (git-fixes).\n- RDMA/hfi1: Fix use-after-free bug for mm struct (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/irdma: Fix netdev notifications for vlan\u0027s (git-fixes).\n- RDMA/irdma: Fix Passthrough mode in VM (git-fixes).\n- RDMA/irdma: Fix possible crash due to NULL netdev in notifier (git-fixes).\n- RDMA/irdma: Flush iWARP QP if modified to ERR from RTR state (git-fixes).\n- RDMA/irdma: Prevent some integer underflows (git-fixes).\n- RDMA/irdma: Reduce iWARP QP destroy time (git-fixes).\n- RDMA/irdma: Remove incorrect masking of PD (git-fixes).\n- RDMA/irdma: Set protocol based on PF rdma_mode flag (bsc#1200502).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/mlx5: Add a missing update of cache-\u003elast_add (git-fixes).\n- RDMA/mlx5: Do not remove cache MRs when a delay is needed (git-fixes).\n- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (git-fixes).\n- RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR (git-fixes).\n- RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() (jsc#SLE-19249).\n- RDMA/rtrs-clt: Fix possible double free in error case (git-fixes).\n- RDMA/rtrs-clt: Move free_permit from free_clt to rtrs_clt_close (git-fixes).\n- RDMA/rxe: Change variable and function argument to proper type (jsc#SLE-19249).\n- RDMA/rxe: Check the last packet by RXE_END_MASK (git-fixes).\n- RDMA/rxe: Fix ref error in rxe_av.c (jsc#SLE-19249).\n- RDMA/siw: Fix a condition race issue in MPA request processing (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/siw: Fix refcounting leak in siw_create_qp() (jsc#SLE-19249).\n- RDMA/ucma: Protect mc during concurrent multicast leaves (git-fixes).\n- regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips (git-fixes).\n- regmap-irq: Fix offset/index mismatch in read_sub_irq_data() (git-fixes).\n- regmap-irq: Update interrupt clear register for proper reset (git-fixes).\n- regulator: atc260x: Fix missing active_discharge_on setting (git-fixes).\n- regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET (git-fixes).\n- regulator: core: fix false positive in regulator_late_cleanup() (git-fixes).\n- regulator: da9121: Fix uninit-value in da9121_assign_chip_model() (git-fixes).\n- regulator: mt6315: Enforce regulator-compatible, not name (git-fixes).\n- regulator: mt6315-regulator: fix invalid allowed mode (git-fixes).\n- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (git-fixes).\n- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).\n- regulator: qcom_smd: Fix up PM8950 regulator configuration (git-fixes).\n- regulator: rpi-panel: Handle I2C errors/timing to the Atmel (git-fixes).\n- regulator: scmi: Fix refcount leak in scmi_regulator_probe (git-fixes).\n- regulator: wm8994: Add an off-on delay for WM8994 variant (git-fixes).\n- remoteproc: Fix count check in rproc_coredump_write() (git-fixes).\n- remoteproc: imx_rproc: Ignore create mem entry for resource table (git-fixes).\n- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).\n- remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (git-fixes).\n- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).\n- reset: tegra-bpmp: Restore Handle errors in BPMP response (git-fixes).\n- Revert \u0027drm/amd/display: Fix DCN3 B0 DP Alt Mapping\u0027 (git-fixes).\n- Revert \u0027drm/amdgpu/display: set vblank_disable_immediate for DC\u0027 (git-fixes).\n- Revert \u0027svm: Add warning message for AVIC IPI invalid target\u0027 (git-fixes).\n- rfkill: make new event layout opt-in (git-fixes).\n- rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (git-fixes).\n- riscv: Fix fill_callchain return value (git fixes).\n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (git-fixes).\n- rpmsg: qcom_smd: Fix redundant channel-\u003eregistered assignment (git-fixes).\n- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (git-fixes).\n- rpmsg: virtio: Fix possible double free in rpmsg_probe() (git-fixes).\n- rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev() (git-fixes).\n- rpmsg: virtio: Fix the unregistration of the device rpmsg_ctrl (git-fixes).\n- rtc: check if __rtc_read_time was successful (git-fixes).\n- rtc: fix use-after-free on device removal (git-fixes).\n- rtc: ftrtc010: Fix error handling in ftrtc010_rtc_probe (git-fixes).\n- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (git-fixes).\n- rtc: mc146818-lib: fix locking in mc146818_set_time (git-fixes).\n- rtc: mc146818-lib: Fix the AltCentury for AMD platforms (git-fixes).\n- rtc: mt6397: check return value after calling platform_get_resource() (git-fixes).\n- rtc: mxc: Silence a clang warning (git-fixes).\n- rtc: pcf2127: fix bug when reading alarm registers (git-fixes).\n- rtc: pl031: fix rtc features null pointer dereference (git-fixes).\n- rtc: sun6i: Fix time overflow handling (git-fixes).\n- rtc: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- rtl818x: Prevent using not initialized queues (git-fixes).\n- rtlwifi: Use pr_warn instead of WARN_ONCE (git-fixes).\n- rtw88: 8821c: fix debugfs rssi value (git-fixes).\n- rtw88: 8821c: support RFE type4 wifi NIC (git-fixes).\n- rtw88: Disable PCIe ASPM while doing NAPI poll on 8821CE (git-fixes).\n- rtw88: rtw8821c: enable rfe 6 devices (git-fixes).\n- s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).\n- s390/ctcm: fix potential memory leak (git-fixes).\n- s390/ctcm: fix variable dereferenced before check (git-fixes).\n- s390/dasd: fix data corruption for ESE devices (git-fixes).\n- s390/dasd: Fix read for ESE with blksize 4k (git-fixes).\n- s390/dasd: Fix read inconsistency for ESE DASD devices (git-fixes).\n- s390/dasd: prevent double format of tracks for ESE devices (git-fixes).\n- s390/entry: fix duplicate tracking of irq nesting level (git-fixes).\n- s390/extable: fix exception table sorting (git-fixes).\n- s390/kexec_file: fix error handling when applying relocations (git-fixes).\n- s390/kexec: fix memory leak of ipl report buffer (git-fixes).\n- s390/kexec: fix return code handling (git-fixes).\n- s390/lcs: fix variable dereferenced before check (git-fixes).\n- s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST flag (git-fixes).\n- s390/module: fix loading modules with a lot of relocations (git-fixes).\n- s390/nmi: handle guarded storage validity failures for KVM guests (git-fixes).\n- s390/nmi: handle vector validity failures for KVM guests (git-fixes).\n- s390/perf: obtain sie_block from the right address (bsc#1200315 LTC#198473).\n- s390/setup: avoid reserving memory above identity mapping (git-fixes).\n- s390/smp: sort out physical vs virtual pointers usage (git-fixes).\n- sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (git-fixes).\n- sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl (git-fixes).\n- sc16is7xx: Fix for incorrect data being transmitted (git-fixes).\n- sched/core: Export pelt_thermal_tp (git-fixes)\n- sched/core: Fix forceidle balancing (git-fixes)\n- sched/core: Mitigate race (git-fixes)\n- sched/cpuacct: Fix charge percpu cpuusage (git-fixes)\n- sched/cpuacct: Fix user/system in shown cpuacct.usage* (git-fixes)\n- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)\n- sched: Define and initialize a flag to identify valid PASID in the task (jsc#SLE-24350).\n- sched/fair: Consider CPU affinity when allowing NUMA imbalance in find_idlest_group() (bnc#1193431).\n- sched/fair: Fix fault in reweight_entity (git fixes (sched/core)).\n- sched/fair: Revise comment about lb decision matrix (git-fixes)\n- sched: Fix balance_push() vs __sched_setscheduler() (git-fixes)\n- sched: Fix yet more sched_fork() races (git fixes (sched/core)).\n- sched/membarrier: Fix membarrier-rseq fence command missing (git-fixes)\n- sched/numa: Adjust imb_numa_nr to a better approximation of memory channels (bnc#1193431).\n- sched/numa: Apply imbalance limitations consistently (bnc#1193431).\n- sched/numa: Do not swap tasks between nodes when spare capacity is available (bnc#1193431).\n- sched/numa: Initialise numa_migrate_retry (bnc#1193431).\n- sched/pasid: Add a kABI workaround (jsc#SLE-24350).\n- sched/pelt: Fix attach_entity_load_avg() corner case (git-fixes)\n- sched/pelt: Relax the sync of util_sum with util_avg (git-fixes)\n- sched/psi: report zeroes for CPU full at the system level (git-fixes)\n- sched/rt: Plug rt_mutex_setprio() vs push_rt_task() race (git-fixes)\n- sched/rt: Try to restart rt period timer when rt runtime (git-fixes)\n- sched/scs: Reset task stack state in bringup_cpu() (git-fixes)\n- sched/sugov: Ignore \u0027busy\u0027 filter when rq is capped by (git-fixes)\n- sched: Teach the forced-newidle balancer about CPU affinity (git-fixes)\n- scripts/faddr2line: Fix overlapping text section failures (git-fixes).\n- scsi: block: pm: Always set request queue runtime active in blk_post_runtime_resume() (bsc#1198802).\n- scsi: block: PM fix blk_post_runtime_resume() args (bsc#1198802).\n- scsi: core: Query VPD size before getting full page (git-fixes).\n- scsi: dc395x: Fix a missing check on list iterator (git-fixes).\n- scsi: elx: efct: Do not use GFP_KERNEL under spin lock (git-fixes).\n- scsi: fnic: Fix a tracing statement (git-fixes).\n- scsi: fnic: Replace DMA mask of 64 bits with 47 bits (bsc#1199631).\n- scsi: hisi_sas: Add more logs for runtime suspend/resume (bsc#1198802).\n- scsi: hisi_sas: Change permission of parameter prot_mask (git-fixes).\n- scsi: hisi_sas: Fix rescan after deleting a disk (git-fixes).\n- scsi: hisi_sas: Fix some issues related to asd_sas_port-\u003ephy_list (bsc#1198802).\n- scsi: hisi_sas: Increase debugfs_dump_index after dump is completed (bsc#1198806).\n- scsi: hisi_sas: Initialise devices in .slave_alloc callback (bsc#1198802).\n- scsi: hisi_sas: Limit users changing debugfs BIST count value (bsc#1198803).\n- scsi: hisi_sas: Remove unused variable and check in hisi_sas_send_ata_reset_each_phy() (git-fixes).\n- scsi: hisi_sas: Wait for phyup in hisi_sas_control_phy() (bsc#1198802).\n- scsi: ibmvfc: Allocate/free queue resource only during probe/remove (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: ibmvfc: Store vhost pointer during subcrq allocation (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: iscsi: Add helper functions to manage iscsi_cls_conn (bsc#1198410).\n- scsi: iscsi: Add helper to remove a session from the kernel (bsc#1198410).\n- scsi: iscsi: Allow iscsi_if_stop_conn() to be called from kernel (bsc#1198410).\n- scsi: iscsi: Clean up bound endpoints during shutdown (bsc#1198410).\n- scsi: iscsi: Fix HW conn removal use after free (bsc#1198410).\n- scsi: iscsi: Fix session removal on shutdown (bsc#1198410).\n- scsi: libiscsi: Teardown iscsi_cls_conn gracefully (bsc#1198410).\n- scsi: libsas: Add flag SAS_HA_RESUMING (bsc#1198802).\n- scsi: libsas: Add spin_lock/unlock() to protect asd_sas_port-\u003ephy_list (bsc#1198802).\n- scsi: libsas: Defer works of new phys during suspend (bsc#1198802).\n- scsi: libsas: Do not always drain event workqueue for HA resume (bsc#1198802).\n- scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands (git-fixes).\n- scsi: libsas: Insert PORTE_BROADCAST_RCVD event for resuming host (bsc#1198802).\n- scsi: libsas: Keep host active while processing events (bsc#1198802).\n- scsi: libsas: Refactor sas_queue_deferred_work() (bsc#1198802).\n- scsi: libsas: Resume host while sending SMP I/Os (bsc#1198802).\n- scsi: lpfc: Add more logging of cmd and cqe information for aborted NVMe cmds (bsc#1201193).\n- scsi: lpfc: Address NULL pointer dereference after starget_to_rport() (bsc#1201193).\n- scsi: lpfc: Add support for ATTO Fibre Channel devices (bsc#1201193).\n- scsi: lpfc: Add support for VMID tagging of NVMe I/Os (bsc#1201193).\n- scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion (bsc#1201193).\n- scsi: lpfc: Alter FPIN stat accounting logic (bsc#1200045).\n- scsi: lpfc: Change FA-PWWN detection methodology (bsc#1200045).\n- scsi: lpfc: Change VMID registration to be based on fabric parameters (bsc#1200045).\n- scsi: lpfc: Clear fabric topology flag before initiating a new FLOGI (bsc#1200045).\n- scsi: lpfc: Commonize VMID code location (bsc#1201193).\n- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).\n- scsi: lpfc: Copyright updates for 14.2.0.2 patches (bsc#1200045).\n- scsi: lpfc: Correct BDE DMA address assignment for GEN_REQ_WQE (bsc#1200045).\n- scsi: lpfc: Correct BDE type for XMIT_SEQ64_WQE in lpfc_ct_reject_event() (bsc#1201193).\n- scsi: lpfc: Correct CRC32 calculation for congestion stats (bsc#1200045).\n- scsi: lpfc: Decrement outstanding gidft_inp counter if lpfc_err_lost_link() (bsc#1200045).\n- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).\n- scsi: lpfc: Expand setting ELS_ID field in ELS_REQUEST64_WQE (bsc#1200045).\n- scsi: lpfc: Fill in missing ndlp kref puts in error paths (bsc#1200045).\n- scsi: lpfc: Fix additional reference counting in lpfc_bsg_rport_els() (bsc#1200045).\n- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).\n- scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1200045).\n- scsi: lpfc: Fix diagnostic fw logging after a function reset (bsc#1200045).\n- scsi: lpfc: Fix dmabuf ptr assignment in lpfc_ct_reject_event() (bsc#1200045).\n- scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4() (bsc#1200045).\n- scsi: lpfc: Fix field overload in lpfc_iocbq data structure (bsc#1200045).\n- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).\n- scsi: lpfc: Fix ndlp put following a LOGO completion (bsc#1200045).\n- scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1200045).\n- scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (bsc#1201193).\n- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1200045).\n- scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1200045).\n- scsi: lpfc: Fix split code for FLOGI on FCoE (bsc#1200045).\n- scsi: lpfc: Fix typos in comments (bsc#1197675).\n- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1200045).\n- scsi: lpfc: Introduce FC_RSCN_MEMENTO flag for tracking post RSCN completion (bsc#1200045).\n- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).\n- scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1200045).\n- scsi: lpfc: Move MI module parameter check to handle dynamic disable (bsc#1200045).\n- scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1200045).\n- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).\n- scsi: lpfc: Refactor cleanup of mailbox commands (bsc#1200045).\n- scsi: lpfc: Register for Application Services FC-4 type in Fabric topology (bsc#1200045).\n- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).\n- scsi: lpfc: Remove false FDMI NVMe FC-4 support for NPIV ports (bsc#1200045).\n- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).\n- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).\n- scsi: lpfc: Remove redundant lpfc_sli_prep_wqe() call (bsc#1200045).\n- scsi: lpfc: Remove unnecessary null ndlp check in lpfc_sli_prep_wqe() (bsc#1200045).\n- scsi: lpfc: Remove unnecessary NULL pointer assignment for ELS_RDF path (bsc#1200045).\n- scsi: lpfc: Remove unneeded variable (bsc#1200045).\n- scsi: lpfc: Requeue SCSI I/O to upper layer when fw reports link down (bsc#1200045).\n- scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1201193).\n- scsi: lpfc: Resolve some cleanup issues following abort path refactoring (bsc#1201193).\n- scsi: lpfc: Resolve some cleanup issues following SLI path refactoring (bsc#1201193).\n- scsi: lpfc: Revise FDMI reporting of supported port speed for trunk groups (bsc#1200045).\n- scsi: lpfc: Rework FDMI initialization after link up (bsc#1200045).\n- scsi: lpfc: Rework lpfc_vmid_get_appid() to be protocol independent (bsc#1201193).\n- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).\n- scsi: lpfc: Transition to NPR state upon LOGO cmpl if link down or aborted (bsc#1200045).\n- scsi: lpfc: Tweak message log categories for ELS/FDMI/NVMe rescan (bsc#1200045).\n- scsi: lpfc: Update fc_prli_sent outstanding only after guaranteed IOCB submit (bsc#1200045).\n- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.2 (bsc#1200045).\n- scsi: lpfc: Update lpfc version to 14.2.0.3 (bsc#1200045).\n- scsi: lpfc: Update lpfc version to 14.2.0.4 (bsc#1201193).\n- scsi: lpfc: Update stat accounting for READ_STATUS mbox command (bsc#1200045).\n- scsi: lpfc: Use fc_block_rport() (bsc#1197675).\n- scsi: lpfc: Use irq_set_affinity() (bsc#1197675).\n- scsi: lpfc: Use kcalloc() (bsc#1197675).\n- scsi: lpfc: Use list_for_each_entry_safe() in rscn_recovery_check() (bsc#1200045).\n- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).\n- scsi: lpfc: Use sg_dma_address() and sg_dma_len() macros for NVMe I/O (bsc#1200045).\n- scsi: lpfc: Zero SLI4 fcp_cmnd buffer\u0027s fcpCntl0 field (bsc#1200045).\n- scsi: mpt3sas: Fix incorrect 4GB boundary check (git-fixes).\n- scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() (git-fixes).\n- scsi: mpt3sas: Page fault in reply q processing (git-fixes).\n- scsi: mpt3sas: Use cached ATA Information VPD page (git-fixes).\n- scsi: mvsas: Add spin_lock/unlock() to protect asd_sas_port-\u003ephy_list (bsc#1198802).\n- scsi: nvme-fc: Add new routine nvme_fc_io_getuuid() (bsc#1201193).\n- scsi: pm8001: Fix abort all task initialization (git-fixes).\n- scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() (git-fixes).\n- scsi: pm8001: Fix command initialization in pm80XX_send_read_log() (git-fixes).\n- scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req() (git-fixes).\n- scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req() (git-fixes).\n- scsi: pm8001: Fix le32 values handling in pm80xx_set_sas_protocol_timer_config() (git-fixes).\n- scsi: pm8001: Fix NCQ NON DATA command completion handling (git-fixes).\n- scsi: pm8001: Fix NCQ NON DATA command task initialization (git-fixes).\n- scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update() (git-fixes).\n- scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() (git-fixes).\n- scsi: pm80xx: Enable upper inbound, outbound queues (git-fixes).\n- scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63 (git-fixes).\n- scsi: qedi: Fix ABBA deadlock in qedi_process_tmf_resp() and qedi_process_cmd_cleanup_resp() (git-fixes).\n- scsi: qedi: Use QEDI_MODE_NORMAL for error handling (bsc#1198410).\n- scsi: qla2xxx: Add a new v2 dport diagnostic feature (bsc#1201160).\n- scsi: qla2xxx: Add debug prints in the device remove path (bsc#1201160).\n- scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).\n- scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823).\n- scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).\n- scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).\n- scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).\n- scsi: qla2xxx: edif: Add bsg interface to read doorbell events (bsc#1201160).\n- scsi: qla2xxx: edif: Add retry for ELS passthrough (bsc#1201160).\n- scsi: qla2xxx: edif: bsg refactor (bsc#1201160).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).\n- scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).\n- scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription (bsc#1201160).\n- scsi: qla2xxx: edif: Fix n2n discovery issue with secure target (bsc#1201160).\n- scsi: qla2xxx: edif: Fix n2n login retry for secure device (bsc#1201160).\n- scsi: qla2xxx: edif: Fix no login after app start (bsc#1201160).\n- scsi: qla2xxx: edif: Fix no logout on delete for N2N (bsc#1201160).\n- scsi: qla2xxx: edif: Fix potential stuck session in sa update (bsc#1201160).\n- scsi: qla2xxx: edif: Fix session thrash (bsc#1201160).\n- scsi: qla2xxx: edif: Fix slow session teardown (bsc#1201160).\n- scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).\n- scsi: qla2xxx: edif: Reduce disruption due to multiple app start (bsc#1201160).\n- scsi: qla2xxx: edif: Reduce Initiator-Initiator thrashing (bsc#1201160).\n- scsi: qla2xxx: edif: Reduce N2N thrashing at app_start time (bsc#1201160).\n- scsi: qla2xxx: edif: Remove old doorbell interface (bsc#1201160).\n- scsi: qla2xxx: edif: Remove unneeded variable (bsc#1200046).\n- scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823).\n- scsi: qla2xxx: edif: Send LOGO for unexpected IKE message (bsc#1201160).\n- scsi: qla2xxx: edif: Synchronize NPIV deletion with authentication application (bsc#1201160).\n- scsi: qla2xxx: edif: Tear down session if keys have been removed (bsc#1201160).\n- scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).\n- scsi: qla2xxx: edif: Wait for app to ack on sess down (bsc#1201160).\n- scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts (bsc#1201160).\n- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).\n- scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).\n- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).\n- scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection (bsc#1201160).\n- scsi: qla2xxx: Fix excessive I/O error messages by default (bsc#1201160).\n- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).\n- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).\n- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).\n- scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests (bsc#1201160).\n- scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os (bsc#1201160).\n- scsi: qla2xxx: Fix losing target when it reappears during delete (bsc#1201160).\n- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).\n- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (bsc#1200046).\n- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).\n- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).\n- scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).\n- scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).\n- scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823).\n- scsi: qla2xxx: Fix typos in comments (bsc#1197661).\n- scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).\n- scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823).\n- scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).\n- scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).\n- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).\n- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).\n- scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823).\n- scsi: qla2xxx: Remove a declaration (bsc#1195823).\n- scsi: qla2xxx: Remove free_sg command flag (bsc#1200046).\n- scsi: qla2xxx: Remove setting of \u0027req\u0027 and \u0027rsp\u0027 parameters (bsc#1201160).\n- scsi: qla2xxx: Remove unneeded flush_workqueue() (bsc#1200046).\n- scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823).\n- scsi: qla2xxx: Remove unused \u0027ql_dm_tgt_ex_pct\u0027 parameter (bsc#1201160).\n- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823).\n- scsi: qla2xxx: Turn off multi-queue for 8G adapters (bsc#1201160).\n- scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).\n- scsi: qla2xxx: Update version to 10.02.07.500-k (bsc#1201160).\n- scsi: qla2xxx: Update version to 10.02.07.600-k (bsc#1201160).\n- scsi: qla2xxx: Update version to 10.02.07.700-k (bsc#1201160).\n- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).\n- scsi: qla2xxx: Wind down adapter after PCIe error (bsc#1201160).\n- scsi: scsi_transport_fc: Fix FPIN Link Integrity statistics counters (git-fixes).\n- scsi: sr: Do not leak information in ioctl (git-fixes).\n- scsi: ufs: core: Exclude UECxx from SFR dump list (git-fixes).\n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (git-fixes).\n- scsi: ufs: qcom: Fix ufs_qcom_resume() (git-fixes).\n- scsi: virtio-scsi: Eliminate anonymous module_init and module_exit (git-fixes).\n- scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() (git-fixes).\n- selftest: KVM: Add open sev dev helper (bsc#1194526).\n- selftests/bpf: Remove unused variable in tc_tunnel prog (git-fixes).\n- selftests: firmware: Fix the request_firmware_into_buf() test for XZ format (git-fixes).\n- selftests: firmware: Use smaller dictionary for XZ compression (git-fixes).\n- selftests: fix check for circular KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM (bsc#1194526).\n- selftests: KVM: Add /x86_64/sev_migrate_tests to .gitignore (bsc#1194526).\n- selftests: KVM: Fix check for !POLLIN in demand_paging_test (bsc#1194526).\n- selftests: kvm: Remove absent target file (git-fixes).\n- selftests: KVM: sev_migrate_tests: Fix sev_ioctl() (bsc#1194526).\n- selftests: kvm/x86: Fix the warning in lib/x86_64/processor.c (bsc#1194526).\n- selftests/powerpc: Add test for real address error handling (jsc#SLE-18194).\n- serial: 8250: Also set sticky MCR bits in console restoration (git-fixes).\n- serial: 8250_aspeed_vuart: add PORT_ASPEED_VUART port type (git-fixes).\n- serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe (git-fixes).\n- serial: 8250: core: Remove unneeded linux/pm_runtime.h (git-fixes).\n- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device (git-fixes).\n- serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (git-fixes).\n- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).\n- serial: 8250: fix XOFF/XON sending when DMA is used (git-fixes).\n- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mtk: Fix register address for XON/XOFF character (git-fixes).\n- serial: 8250_mtk: Fix UART_EFR register address (git-fixes).\n- serial: 8250: pxa: Remove unneeded linux/pm_runtime.h (git-fixes).\n- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).\n- serial: cpm_uart: Fix build error without CONFIG_SERIAL_CPM_CONSOLE (git-fixes).\n- serial: digicolor-usart: Do not allow CS5-6 (git-fixes).\n- serial: imx: fix overrun interrupts in DMA mode (git-fixes).\n- serial: meson: acquire port-\u003elock in startup() (git-fixes).\n- serial: msm_serial: disable interrupts in __msm_console_write() (git-fixes).\n- serial: pch: do not overwrite xmit-\u003ebuf[0] by x_char (git-fixes).\n- serial: rda-uart: Do not allow CS5-6 (git-fixes).\n- serial: samsung_tty: do not unlock port-\u003elock for uart_write_wakeup() (git-fixes).\n- serial: sh-sci: Do not allow CS5-6 (git-fixes).\n- serial: sifive: Report actual baud base rather than fixed 115200 (git-fixes).\n- serial: sifive: Sanitize CSIZE and c_iflag (git-fixes).\n- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (git-fixes).\n- serial: stm32-usart: Correct CSIZE, bits, and parity (git-fixes).\n- serial: txx9: Do not allow CS5-6 (git-fixes).\n- sfc: Do not free an empty page_ring (git-fixes).\n- sfc: fallback for lack of xdp tx queues (bsc#1196306).\n- sfc: last resort fallback for lack of xdp tx queues (bsc#1196306).\n- sfc: Use swap() instead of open coding it (bsc#1196306).\n- sfc: use swap() to make code cleaner (bsc#1196306).\n- skbuff: fix coalescing for page_pool fragment recycling (bsc#1190336).\n- slimbus: qcom: Fix IRQ check in qcom_slim_probe (git-fixes).\n- slip: fix macro redefine warning (git-fixes).\n- smb3: add mount parm nosparse (bsc#1193629).\n- smb3: add trace point for lease not found issue (bsc#1193629).\n- smb3: add trace point for oplock not found (bsc#1193629).\n- smb3: check for null tcon (bsc#1193629).\n- smb3: cleanup and clarify status of tree connections (bsc#1193629).\n- smb3: do not set rc when used and unneeded in query_info_compound (bsc#1193629).\n- SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op (bsc#1193629).\n- smb3: fix incorrect session setup check for multiuser mounts (bsc#1193629).\n- smb3: fix ksmbd bigendian bug in oplock break, and move its struct to smbfs_common (bsc#1193629).\n- smb3: fix snapshot mount option (bsc#1193629).\n- smb3 improve error message when mount options conflict with posix (bsc#1193629).\n- smb3: move defines for ioctl protocol header and SMB2 sizes to smbfs_common (bsc#1193629).\n- smb3: move defines for query info and query fsinfo to smbfs_common (bsc#1193629).\n- smb3 move more common protocol header definitions to smbfs_common (bsc#1193629).\n- smb3: send NTLMSSP version information (bsc#1193629).\n- smp: Fix offline cpu check in flush_smp_call_function_queue() (git-fixes).\n- smsc911x: allow using IRQ0 (git-fixes).\n- soc: aspeed: lpc-ctrl: Block error printing on probe defer cases (git-fixes).\n- soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe (git-fixes).\n- soc: bcm: Check for NULL return of devm_kzalloc() (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: guts: Add a missing memory allocation failure check (git-fixes).\n- soc: fsl: guts: Revert commit 3c0d64e867ed (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- soc: mediatek: pm-domains: Add wakeup capacity support in power domain (git-fixes).\n- soc: qcom: aoss: Expose send for generic usecase (git-fixes).\n- soc: qcom: aoss: Fix missing put_device call in qmp_get (git-fixes).\n- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).\n- soc: qcom: llcc: Add MODULE_DEVICE_TABLE() (git-fixes).\n- soc: qcom: ocmem: Fix missing put_device() call in of_get_ocmem (git-fixes).\n- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).\n- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (git-fixes).\n- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (git-fixes).\n- soc: rockchip: Fix refcount leak in rockchip_grf_init (git-fixes).\n- soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc (git-fixes).\n- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).\n- sound/oss/dmasound: fix build when drivers are mixed =y/=m (git-fixes).\n- sound/oss/dmasound: fix \u0027dmasound_setup\u0027 defined but not used (git-fixes).\n- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).\n- soundwire: intel: prevent pm_runtime resume prior to system suspend (git-fixes).\n- soundwire: qcom: adjust autoenumeration timeout (git-fixes).\n- speakup-dectlk: Restore pitch setting (git-fixes).\n- spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller (git-fixes).\n- spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op() (git-fixes).\n- spi: cadence-quadspi: fix incorrect supports_op() return value (git-fixes).\n- spi: cadence-quadspi: fix protocol setup for non-1-1-X operations (git-fixes).\n- spi: core: add dma_map_dev for __spi_unmap_msg() (git-fixes).\n- spi: Fix erroneous sgs value with min_t() (git-fixes).\n- spi: Fix invalid sgs value (git-fixes).\n- spi: Fix Tegra QSPI example (git-fixes).\n- spi: img-spfi: Fix pm_runtime_get_sync() error checking (git-fixes).\n- spi: mxic: Fix the transmit path (git-fixes).\n- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).\n- spi: qcom-qspi: Add minItems to interconnect-names (git-fixes).\n- spi: rockchip: Fix error in getting num-cs property (git-fixes).\n- spi: rockchip: fix missing error on unsupported SPI_CS_HIGH (git-fixes).\n- spi: rockchip: Preset cs-high and clk polarity in setup progress (git-fixes).\n- spi: rockchip: Stop spi slave dma receiver when cs inactive (git-fixes).\n- spi: rockchip: terminate dma transmission when slave abort (git-fixes).\n- spi: spi-cadence: Fix kernel-doc format for resume/suspend (git-fixes).\n- spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() (git-fixes).\n- spi: spi-mtk-nor: initialize spi controller after resume (git-fixes).\n- spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction (git-fixes).\n- spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (git-fixes).\n- spi: spi-zynqmp-gqspi: Handle error for dma_set_mask (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- spi: stm32-qspi: Fix wait_cmd timeout in APM mode (git-fixes).\n- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).\n- spi: tegra20: Use of_device_get_match_data() (git-fixes).\n- spi: tegra210-quad: Fix missin IRQ check in tegra_qspi_probe (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- staging: fbtft: fb_st7789v: reset display before initialization (git-fixes).\n- staging: fbtft: Fix error path in fbtft_driver_module_init() (git-fixes).\n- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (git-fixes).\n- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).\n- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).\n- staging: most: dim2: force fcnt=3 on Renesas GEN3 (git-fixes).\n- staging: most: dim2: use device release method (git-fixes).\n- staging: most: dim2: use if statements instead of ?: expressions (git-fixes).\n- staging: mt7621-dts: fix formatting (git-fixes).\n- staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree (git-fixes).\n- staging: mt7621-dts: fix pinctrl-0 items to be size-1 items on ethernet (git-fixes).\n- staging: mt7621-dts: fix pinctrl properties for ethernet (git-fixes).\n- staging: rtl8712: fix a potential memory leak in r871xu_drv_init() (git-fixes).\n- staging: rtl8712: fix uninit-value in r871xu_drv_init() (git-fixes).\n- staging: rtl8712: fix uninit-value in usb_read8() and friends (git-fixes).\n- staging: rtl8723bs: Fix access-point mode deadlock (git-fixes).\n- staging: vc04_services: shut up out-of-range warning (git-fixes).\n- staging: vchiq_arm: Avoid NULL ptr deref in vchiq_dump_platform_instances (git-fixes).\n- staging: vchiq_core: handle NULL result of find_service_by_handle (git-fixes).\n- staging: vchiq: Move certain declarations to vchiq_arm.h (git-fixes).\n- staging: vchiq: Move vchiq char driver to its own file (git-fixes).\n- staging: vchiq: Refactor vchiq cdev code (git-fixes).\n- staging: wfx: fix an error handling in wfx_init_common() (git-fixes).\n- stddef: Introduce DECLARE_FLEX_ARRAY() helper (git-fixes).\n- stm: ltdc: fix two incorrect NULL checks on list iterator (bsc#1190786)\n- SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).\n- SUNRPC: Do not dereference non-socket transports in sysfs (git-fixes).\n- SUNRPC: Do not dereference non-socket transports in sysfs - kabi fix (git-fixes).\n- SUNRPC do not resend a task on an offlined transport (git-fixes).\n- SUNRPC: Ensure gss-proxy connects on setup (git-fixes).\n- SUNRPC: Ensure that the gssproxy client can start in a connected state (git-fixes).\n- SUNRPC: Fix the calculation of xdr-\u003eend in xdr_get_next_encode_buffer() (git-fixes).\n- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).\n- SUNRPC: Handle ENOMEM in call_transmit_status() (git-fixes).\n- SUNRPC: Handle low memory situations in call_status() (git-fixes).\n- SUNRPC release the transport of a relocated task with an assigned transport (git-fixes).\n- SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec() (git-fixes).\n- SUNRPC: Trap RDMA segment overflows (git-fixes).\n- SUNRPC: use different lock keys for INET6 and LOCAL (git-fixes).\n- supported.conf: add intel_sdsi\n- supported.conf: mark pfuze100 regulator as supported (bsc#1199909)\n- supported.conf: Support TPM TIS SPI driver (jsc#SLE-24093)\n- surface: surface3_power: Fix battery readings on batteries without a serial number (git-fixes).\n- swiotlb: max mapping size takes min align mask into account (bsc#1197303).\n- sysrq: do not omit current cpu when showing backtrace of all active CPUs (git-fixes).\n- thermal/core: Fix memory leak in __thermal_cooling_device_register() (git-fixes).\n- thermal: core: Fix TZ_GET_TRIP NULL pointer dereference (git-fixes).\n- thermal: devfreq_cooling: use local ops instead of global ops (git-fixes).\n- thermal/drivers/bcm2711: Do not clamp temperature at zero (git-fixes).\n- thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe (git-fixes).\n- thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe (git-fixes).\n- thermal/drivers/int340x: Improve the tcc offset saving for suspend/resume (git-fixes).\n- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).\n- thermal: int340x: Fix attr.show callback prototype (git-fixes).\n- thermal: int340x: fix memory leak in int3400_notify() (git-fixes).\n- thermal: int340x: Increase bitmap size (git-fixes).\n- thunderbolt: Use different lane for second DisplayPort tunnel (git-fixes).\n- tick/nohz: unexport __init-annotated tick_nohz_full_setup() (bsc#1201218).\n- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (bsc#1190786)\n- timekeeping: Mark NMI safe time accessors as notrace (git-fixes)\n- timers: Fix warning condition in __run_timers() (git-fixes)\n- TOMOYO: fix __setup handlers return values (git-fixes).\n- tools arch x86: Add Intel SDSi provisiong tool (jsc#SLE-18938).\n- tools: bpftool: Complete metrics list in \u0027bpftool prog profile\u0027 doc (git-fixes).\n- tools: bpftool: Document and add bash completion for -L, -B options (git-fixes).\n- tools: bpftool: Update and synchronise option list in doc and help msg (git-fixes).\n- tpm: Fix buffer access in tpm2_get_tpm_pt() (git-fixes).\n- tpm: Fix error handling in async work (git-fixes).\n- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (bsc#1065729).\n- tpm: use try_get_ops() in tpm-space.c (git-fixes).\n- tps6598x: clear int mask on probe failure (git-fixes).\n- tracing: Do not inc err_log entry count if entry allocation fails (git-fixes).\n- tracing: Dump stacktrace trigger to the corresponding instance (git-fixes).\n- tracing: Fix potential double free in create_var_ref() (git-fixes).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tracing: Fix return value of trace_pid_write() (git-fixes).\n- tracing: Fix smatch warning for null glob in event_hist_trigger_parse() (git-fixes).\n- tracing: Have trace event string test handle zero length strings (git-fixes).\n- tracing: Have traceon and traceoff trigger honor the instance (git-fixes).\n- tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).\n- tracing/histogram: Fix sorting on old \u0027cpu\u0027 value (git-fixes).\n- tracing/osnoise: Force quiescent states while tracing (git-fixes).\n- tracing: Propagate is_signed to expression (git-fixes).\n- tracing: Show kretprobe unknown indicator only for kretprobe_trampoline (bsc#1193277).\n- tty: Fix a possible resource leak in icom_probe (git-fixes).\n- tty: fix deadlock caused by calling printk() under tty_port-\u003elock (git-fixes).\n- tty: goldfish: Fix free_irq() on remove (git-fixes).\n- tty: goldfish: Introduce gf_ioread32()/gf_iowrite32() (git-fixes).\n- tty: goldfish: Use tty_port_destroy() to destroy port (git-fixes).\n- tty: n_gsm: Debug output allocation must use GFP_ATOMIC (git-fixes).\n- tty: n_gsm: Do not ignore write return value in gsmld_output() (git-fixes).\n- tty: n_gsm: fix deadlock in gsmtty_open() (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix NULL pointer access due to DLCI release (git-fixes).\n- tty: n_gsm: Fix packet data hex dump output (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- tty: n_gsm: fix wrong modem processing in convergence layer type 2 (git-fixes).\n- tty: n_gsm: fix wrong tty control line for flow control (git-fixes).\n- tty: n_tty: do not look ahead for EOL character past the end of the buffer (git-fixes).\n- tty: n_tty: Restore EOF push handling behavior (git-fixes).\n- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (git-fixes).\n- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (git-fixes).\n- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (git-fixes).\n- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (git-fixes).\n- u64_stats: Disable preemption on 32bit UP+SMP PREEMPT_RT during updates (bsc#1189998).\n- uapi/linux/stddef.h: Add include guards (jsc#SLE-18978).\n- ucounts: Enforce RLIMIT_NPROC not RLIMIT_NPROC+1 (bsc#1194191).\n- udmabuf: validate ubuf-\u003epagecount (git-fixes).\n- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).\n- usb: cdc-wdm: fix reading stuck on device close (git-fixes).\n- usb: cdns3: Fix issue for clear halt endpoint (git-fixes).\n- usb: cdnsp: fix cdnsp_decode_trb function to properly handle ret value (git-fixes).\n- usb: cdnsp: Fixed setting last_trb incorrectly (git-fixes).\n- usb: chipidea: udc: check request status before setting device address (git-fixes).\n- usb: core: Do not hold the device lock while sleeping in do_proc_control() (git-fixes).\n- usb: core: hcd: Add support for deferring roothub registration (git-fixes).\n- usb: dwc2: drd: fix soft connect when gadget is unconfigured (git-fixes).\n- usb: dwc2: Fix memory leak in dwc2_hcd_init (git-fixes).\n- usb: dwc2: gadget: do not reset gadget\u0027s driver-\u003ebus (git-fixes).\n- usb: dwc2: gadget: do not try to disable ep0 in dwc2_hsotg_suspend (git-fixes).\n- usb: dwc3: core: Fix tx/rx threshold settings (git-fixes).\n- usb: dwc3: core: Only handle soft-reset in DCTL (git-fixes).\n- usb: dwc3: Decouple USB 2.0 L1 \u0026 L2 events (git-fixes).\n- usb: dwc3: gadget: Change to dev_dbg() when queuing to inactive gadget/ep (git-fixes).\n- usb: dwc3: gadget: ep_queue simplify isoc start condition (git-fixes).\n- usb: dwc3: gadget: Fix IN endpoint max packet size allocation (git-fixes).\n- usb: dwc3: gadget: Give some time to schedule isoc (git-fixes).\n- usb: dwc3: gadget: Ignore Update Transfer cmd params (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: gadget: move cmd_endtransfer to extra function (git-fixes).\n- usb: dwc3: gadget: Move null pinter check to proper place (git-fixes).\n- usb: dwc3: gadget: Prevent core from processing stale TRBs (git-fixes).\n- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).\n- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (git-fixes).\n- usb: dwc3: gadget: Return proper request status (git-fixes).\n- usb: dwc3: gadget: Skip checking Update Transfer status (git-fixes).\n- usb: dwc3: gadget: Skip reading GEVNTSIZn (git-fixes).\n- usb: dwc3: gadget: Wait for ep0 xfers to complete during dequeue (git-fixes).\n- usb: dwc3: Issue core soft reset before enabling run/stop (git-fixes).\n- usb: dwc3: omap: fix \u0027unbalanced disables for smps10_out1\u0027 on omap5evm (git-fixes).\n- usb: dwc3: pci: Add \u0027snps,dis_u2_susphy_quirk\u0027 for Intel Bay Trail (git-fixes).\n- usb: dwc3: pci: add support for the Intel Meteor Lake-P (git-fixes).\n- usb: dwc3: pci: add support for the Intel Raptor Lake-S (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (git-fixes).\n- usb: dwc3: pci: Set the swnode from inside dwc3_pci_quirks() (git-fixes).\n- usb: dwc3: Try usb-role-switch first in dwc3_drd_init (git-fixes).\n- usb: dwc3: xilinx: fix uninitialized return value (git-fixes).\n- usb: ehci: add pci device support for Aspeed platforms (git-fixes).\n- usb: ehci-omap: drop unused ehci_read() function (git-fixes).\n- usb: f_fs: Fix use-after-free for epfile (git-fixes).\n- usb: Fix xhci event ring dequeue pointer ERDP update issue (git-fixes).\n- usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() (git-fixes).\n- usb: gadget: eliminate anonymous module_init and module_exit (git-fixes).\n- usb: gadget: f_fs: change ep-\u003eep safe in ffs_epfile_io() (git-fixes).\n- usb: gadget: f_fs: change ep-\u003estatus safe in ffs_epfile_io() (git-fixes).\n- USB: gadget: Fix double-free bug in raw_gadget driver (git-fixes).\n- usb: gadget: Fix non-unique driver names in raw-gadget driver (git-fixes).\n- usb: gadget: fix race when gadget driver register via ioctl (git-fixes).\n- usb: gadget: Fix use-after-free bug by not setting udc-\u003edev.driver (git-fixes).\n- usb: gadget: f_uac2: Define specific wTerminalType (git-fixes).\n- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- usb: gadget: rndis: check size of RNDIS_MSG_SET command (git-fixes).\n- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).\n- usb: gadget: tegra-xudc: Do not program SPARAM (git-fixes).\n- usb: gadget: tegra-xudc: Fix control endpoint\u0027s definitions (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition (git-fixes).\n- usb: gadget: u_ether: fix regression in setting fixed MAC address (git-fixes).\n- usb: gadget: uvc: allow for application to cleanly shutdown (git-fixes).\n- usb: gadget: uvc: Fix crash when encoding data for usb request (git-fixes).\n- usb: gadget: uvc: rename function to be more consistent (git-fixes).\n- usb: gadget: validate endpoint index for xilinx udc (git-fixes).\n- usb: gadget: validate interface OS descriptor requests (git-fixes).\n- USB: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).\n- usb: hcd-pci: Use PCI_STD_NUM_BARS when checking standard BARs (git-fixes).\n- USB: host: isp116x: check return value after calling platform_get_resource() (git-fixes).\n- usb: isp1760: Fix out-of-bounds array access (git-fixes).\n- usb: misc: fix improper handling of refcount in uss720_probe() (git-fixes).\n- usb: mtu3: fix USB 3.0 dual-role-switch from device to host (git-fixes).\n- usb: musb: Fix missing of_node_put() in omap2430_probe (git-fixes).\n- usbnet: fix memory allocation in helpers (git-fixes).\n- USB: new quirk for Dell Gen 2 devices (git-fixes).\n- usb: phy: generic: Get the vbus supply (git-fixes).\n- usb: quirks: add a Realtek card reader (git-fixes).\n- usb: quirks: add STRING quirk for VCOM device (git-fixes).\n- usb: raw-gadget: fix handling of dual-direction-capable endpoints (git-fixes).\n- usb: serial: ch341: add support for GW Instek USB2.0-Serial devices (git-fixes).\n- usb: serial: cp210x: add CPI Bulk Coin Recycler id (git-fixes).\n- usb: serial: cp210x: add NCR Retail IO box id (git-fixes).\n- usb: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (git-fixes).\n- usb: serial: ftdi_sio: add support for Brainboxes US-159/235/320 (git-fixes).\n- USB: serial: io_ti: add Agilent E5805A support (git-fixes).\n- usb: serial: option: add Fibocom L610 modem (git-fixes).\n- usb: serial: option: add Fibocom MA510 modem (git-fixes).\n- USB: serial: option: add Quectel BG95 modem (git-fixes).\n- USB: serial: option: add Quectel EM05-G modem (git-fixes).\n- USB: serial: option: add Quectel RM500K module support (git-fixes).\n- USB: serial: option: add support for Cinterion MV31 with new baseline (git-fixes).\n- usb: serial: option: add support for Cinterion MV32-WA/MV32-WB (git-fixes).\n- usb: serial: option: add support for DW5829e (git-fixes).\n- usb: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (git-fixes).\n- USB: serial: option: add Telit LE910Cx 0x1250 composition (git-fixes).\n- usb: serial: option: add Telit LE910R1 compositions (git-fixes).\n- usb: serial: option: add ZTE MF286D modem (git-fixes).\n- usb: serial: pl2303: add device id for HP LM930 Display (git-fixes).\n- usb: serial: pl2303: add IBM device IDs (git-fixes).\n- USB: serial: pl2303: add support for more HXN (G) types (git-fixes).\n- usb: serial: pl2303: fix GS type detection (git-fixes).\n- usb: serial: pl2303: fix type detection for odd device (git-fixes).\n- usb: serial: qcserial: add support for Sierra Wireless EM7590 (git-fixes).\n- usb: serial: simple: add Nokia phone driver (git-fixes).\n- usb: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (git-fixes).\n- usb: storage: karma: fix rio_karma_init return (git-fixes).\n- usb: storage: ums-realtek: fix error code in rts51x_read_mem() (git-fixes).\n- usb: typec: mux: Check dev_set_name() return value (git-fixes).\n- usb: typec: tcpci: Do not skip cleanup in .remove() on error (git-fixes).\n- usb: typec: tcpci_mt6360: Update for BMC PHY setting (git-fixes).\n- usb: typec: tipd: Forward plug orientation to typec subsystem (git-fixes).\n- usb: typec: ucsi: Fix reuse of completion structure (git-fixes).\n- usb: typec: ucsi: Fix role swapping (git-fixes).\n- usb: ulpi: Call of_node_put correctly (git-fixes).\n- usb: ulpi: Move of_node_put to ulpi_dev_release (git-fixes).\n- usb: usbip: add missing device lock on tweak configuration cmd (git-fixes).\n- usb: usbip: eliminate anonymous module_init and module_exit (git-fixes).\n- usb: usbip: fix a refcount leak in stub_probe() (git-fixes).\n- usb: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c (git-fixes).\n- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).\n- usb: xhci: tegra:Fix PM usage reference leak of tegra_xusb_unpowergate_partitions (git-fixes).\n- usb: zaurus: support another broken Zaurus (git-fixes).\n- use jobs not processors in the constraints jobs is the number of vcpus available to the build, while processors is the total processor count of the machine the VM is running on.\n- vdpasim: allow to enable a vq repeatedly (git-fixes).\n- veth: Ensure eth header is in skb\u0027s linear part (git-fixes).\n- veth: fix races around rq-\u003erx_notify_masked (git-fixes).\n- vfio/ccw: Remove unneeded GFP_DMA (git-fixes).\n- vhost_vdpa: do not setup irq offloading when irq_num 0 (git-fixes).\n- vhost/vsock: do not check owner in vhost_vsock_stop() while releasing (git-fixes).\n- vhost/vsock: fix incorrect used length reported to the guest (git-fixes).\n- video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (git-fixes).\n- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).\n- video: fbdev: cirrusfb: check pixclock to avoid divide by zero (git-fixes).\n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (git-fixes).\n- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).\n- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow (git-fixes).\n- video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit (git-fixes).\n- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).\n- video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() (git-fixes).\n- video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() (git-fixes).\n- video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (git-fixes).\n- video: fbdev: sm712fb: Fix crash in smtcfb_read() (git-fixes).\n- video: fbdev: sm712fb: Fix crash in smtcfb_write() (git-fixes).\n- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).\n- video: fbdev: udlfb: properly check endpoint type (bsc#1190497)\n- video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit (git-fixes).\n- video: fbdev: w100fb: Reset global state (git-fixes).\n- virtio-blk: Do not use MAX_DISCARD_SEGMENTS if max_discard_seg is zero (git-fixes).\n- virtio_blk: eliminate anonymous module_init and module_exit (git-fixes).\n- virtio_blk: fix the discard_granularity and discard_alignment queue limits (git-fixes).\n- virtio_console: break out of buf poll on remove (git-fixes).\n- virtio_console: eliminate anonymous module_init and module_exit (git-fixes).\n- virtio: fix virtio transitional ids (git-fixes).\n- virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (git-fixes).\n- virtio-net: fix for skb_over_panic inside big mode (git-fixes).\n- virtio-net: fix race between ndo_open() and virtio_device_ready() (git-fixes).\n- virtio_net: fix wrong buf address calculation when using xdp (git-fixes).\n- virtio_net: fix xdp_rxq_info bug after suspend/resume (git-fixes).\n- virtio-net: realign page_to_skb() after merges (git-fixes).\n- virtio: pci: Fix an error handling path in vp_modern_probe() (git-fixes).\n- virtio-pci: Remove wrong address verification in vp_del_vqs() (git-fixes).\n- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).\n- vringh: Fix loop descriptors check in the indirect cases (git-fixes).\n- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).\n- vsprintf: Fix potential unaligned access (bsc#1198379).\n- vt_ioctl: add array_index_nospec to VT_ACTIVATE (git-fixes).\n- vt_ioctl: fix array_index_nospec in vt_setactivate (git-fixes).\n- vxcan: enable local echo for sent CAN frames (git-fixes).\n- w1: w1_therm: fixes w1_seq for ds28ea00 sensors (git-fixes).\n- watchdog: rti-wdt: Add missing pm_runtime_disable() in probe function (git-fixes).\n- watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking (git-fixes).\n- Watchdog: sp5100_tco: Add initialization using EFCH MMIO (bsc#1199260).\n- watchdog: sp5100_tco: Add support for get_timeleft (bsc#1199260).\n- Watchdog: sp5100_tco: Enable Family 17h+ CPUs (bsc#1199260).\n- Watchdog: sp5100_tco: Move timer initialization into function (bsc#1199260).\n- Watchdog: sp5100_tco: Refactor MMIO base address initialization (bsc#1199260).\n- watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (git-fixes).\n- watchdog: wdat_wdt: Stop watchdog when rebooting the system (git-fixes).\n- watch_queue: Actually free the watch (git-fixes).\n- watch_queue: Fix NULL dereference in error cleanup (git-fixes).\n- watch_queue: Free the page array when watch_queue is dismantled (git-fixes).\n- wcn36xx: Differentiate wcn3660 from wcn3620 (git-fixes).\n- wifi: mac80211: fix use-after-free in chanctx code (git-fixes).\n- wilc1000: fix crash observed in AP mode with cfg80211_register_netdevice() (git-fixes).\n- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).\n- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).\n- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).\n- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).\n- writeback: Avoid skipping inode writeback (bsc#1200813).\n- writeback: Fix inode-\u003ei_io_list not be protected by inode-\u003ei_lock error (bsc#1200821).\n- x86/boot: Add setup_indirect support in early_memremap_is_setup_data() (bsc#1190497).\n- x86/boot: Fix memremap of setup_indirect structures (bsc#1190497).\n- x86/cc: Move arch/x86/{kernel/cc_platform.c coco/core.c} (jsc#SLE-19924).\n- x86/coco: Add API to handle encryption mask (jsc#SLE-19924).\n- x86/coco: Explicitly declare type of confidential computing platform (jsc#SLE-19924).\n- x86/cpu: Add Xeon Icelake-D to list of CPUs that support PPIN (bsc#1190497).\n- x86/cpufeatures: Re-enable ENQCMD (jsc#SLE-24350).\n- x86/cpu: Load microcode during restore_processor_state() (bsc#1190497).\n- x86/entry: Remove skip_r11rcx (bsc#1201524).\n- x86/fpu: Clear PASID when copying fpstate (jsc#SLE-24350).\n- x86/ibt,xen: Sprinkle the ENDBR (bsc#1201471).\n- x86/kprobes: Add UNWIND_HINT_FUNC on kretprobe_trampoline() (bsc#1193277).\n- x86/kprobes: Fixup return address in generic trampoline handler (bsc#1193277).\n- x86/kprobes: Push a fake return address at kretprobe_trampoline (bsc#1193277).\n- x86/kvmclock: Fix Hyper-V Isolated VM s boot issue when vCPUs 64 (bsc#1183682).\n- x86/kvm: Do not waste memory if kvmclock is disabled (bsc#1183682).\n- x86/MCE/AMD: Allow thresholding interface updates after init (bsc#1190497).\n- x86/mm/cpa: Generalize __set_memory_enc_pgtable() (jsc#SLE-19924).\n- x86/module: Fix the paravirt vs alternative order (bsc#1190497).\n- x86/pm: Save the MSR validity status at context setup (bsc#1190497).\n- x86/ptrace: Fix xfpregs_set() incorrect xmm clearing (bsc#1190497).\n- x86/speculation: Restore speculation related MSRs during S3 resume (bsc#1190497).\n- x86/traps: Demand-populate PASID MSR via #GP (jsc#SLE-24350).\n- x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1190497).\n- x86/tsx: Use MSR_TSX_CTRL to clear CPUID bits (bsc#1190497).\n- x86/unwind: kABI workaround for unwind_state changes (bsc#1193277).\n- x86/unwind: Recover kretprobe trampoline entry (bsc#1193277).\n- xen/blkfront: fix comment for need_copy (git-fixes).\n- xen: fix is_xen_pmu() (git-fixes).\n- xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue (bsc#1201381).\n- xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (bsc#1201218).\n- xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1193556).\n- xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1193556).\n- xfs: drop async cache flushes from CIL commits (bsc#1195669).\n- xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI (git-fixes).\n- xhci: Enable runtime PM on second Alderlake controller (git-fixes).\n- xhci: fix garbage USBSTS being logged in some cases (git-fixes).\n- xhci: fix runtime PM imbalance in USB2 resume (git-fixes).\n- xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx() (git-fixes).\n- xhci: increase usb U3 U0 link resume timeout from 100ms to 500ms (git-fixes).\n- xhci: make xhci_handshake timeout for xhci_reset() adjustable (git-fixes).\n- xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI (git-fixes).\n- xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI (git-fixes).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n- xhci: stop polling roothubs after shutdown (git-fixes).\n- xhci: turn off port power in shutdown (git-fixes).\n- xsk: Do not write NULL in SW ring at allocation failure (jsc#SLE-18375).\n- zsmalloc: decouple class actions from zspage works (bsc#1189998).\n- zsmalloc: introduce obj_allocated (bsc#1189998).\n- zsmalloc: introduce some helper functions (bsc#1189998).\n- zsmalloc: move huge compressed obj from page to zspage (bsc#1189998).\n- zsmalloc: remove zspage isolation for migration (bsc#1189998).\n- zsmalloc: rename zs_stat_type to class_stat_type (bsc#1189998).\n- zsmalloc: replace get_cpu_var with local_lock (bsc#1189998).\n- zsmalloc: replace per zpage lock with poolmigrate_lock (bsc#1189998).\n- zsmalloc: Stop using slab fields in struct page (bsc#1189998 bsc#1190208).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-2520,SUSE-SLE-Module-Basesystem-15-SP4-2022-2520,SUSE-SLE-Module-Development-Tools-15-SP4-2022-2520,SUSE-SLE-Module-Legacy-15-SP4-2022-2520,SUSE-SLE-Module-Live-Patching-15-SP4-2022-2520,SUSE-SLE-Product-HA-15-SP4-2022-2520,SUSE-SLE-Product-WE-15-SP4-2022-2520,openSUSE-SLE-15.4-2022-2520",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2520-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:2520-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222520-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:2520-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011616.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1055117",
        "url": "https://bugzilla.suse.com/1055117"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1061840",
        "url": "https://bugzilla.suse.com/1061840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1065729",
        "url": "https://bugzilla.suse.com/1065729"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1071995",
        "url": "https://bugzilla.suse.com/1071995"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1089644",
        "url": "https://bugzilla.suse.com/1089644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103269",
        "url": "https://bugzilla.suse.com/1103269"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1118212",
        "url": "https://bugzilla.suse.com/1118212"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1121726",
        "url": "https://bugzilla.suse.com/1121726"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1137728",
        "url": "https://bugzilla.suse.com/1137728"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1156395",
        "url": "https://bugzilla.suse.com/1156395"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157038",
        "url": "https://bugzilla.suse.com/1157038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157923",
        "url": "https://bugzilla.suse.com/1157923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1175667",
        "url": "https://bugzilla.suse.com/1175667"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179639",
        "url": "https://bugzilla.suse.com/1179639"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1180814",
        "url": "https://bugzilla.suse.com/1180814"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1183682",
        "url": "https://bugzilla.suse.com/1183682"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1183872",
        "url": "https://bugzilla.suse.com/1183872"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1184318",
        "url": "https://bugzilla.suse.com/1184318"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1184924",
        "url": "https://bugzilla.suse.com/1184924"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1187716",
        "url": "https://bugzilla.suse.com/1187716"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1188885",
        "url": "https://bugzilla.suse.com/1188885"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189998",
        "url": "https://bugzilla.suse.com/1189998"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190137",
        "url": "https://bugzilla.suse.com/1190137"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190208",
        "url": "https://bugzilla.suse.com/1190208"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190336",
        "url": "https://bugzilla.suse.com/1190336"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190497",
        "url": "https://bugzilla.suse.com/1190497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190768",
        "url": "https://bugzilla.suse.com/1190768"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190786",
        "url": "https://bugzilla.suse.com/1190786"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190812",
        "url": "https://bugzilla.suse.com/1190812"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191271",
        "url": "https://bugzilla.suse.com/1191271"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191663",
        "url": "https://bugzilla.suse.com/1191663"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192483",
        "url": "https://bugzilla.suse.com/1192483"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193064",
        "url": "https://bugzilla.suse.com/1193064"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193277",
        "url": "https://bugzilla.suse.com/1193277"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193289",
        "url": "https://bugzilla.suse.com/1193289"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193431",
        "url": "https://bugzilla.suse.com/1193431"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193556",
        "url": "https://bugzilla.suse.com/1193556"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193629",
        "url": "https://bugzilla.suse.com/1193629"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193640",
        "url": "https://bugzilla.suse.com/1193640"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193823",
        "url": "https://bugzilla.suse.com/1193823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193852",
        "url": "https://bugzilla.suse.com/1193852"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194086",
        "url": "https://bugzilla.suse.com/1194086"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194111",
        "url": "https://bugzilla.suse.com/1194111"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194191",
        "url": "https://bugzilla.suse.com/1194191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194409",
        "url": "https://bugzilla.suse.com/1194409"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194501",
        "url": "https://bugzilla.suse.com/1194501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194523",
        "url": "https://bugzilla.suse.com/1194523"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194526",
        "url": "https://bugzilla.suse.com/1194526"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194583",
        "url": "https://bugzilla.suse.com/1194583"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194585",
        "url": "https://bugzilla.suse.com/1194585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194586",
        "url": "https://bugzilla.suse.com/1194586"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194625",
        "url": "https://bugzilla.suse.com/1194625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194765",
        "url": "https://bugzilla.suse.com/1194765"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194826",
        "url": "https://bugzilla.suse.com/1194826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194869",
        "url": "https://bugzilla.suse.com/1194869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195099",
        "url": "https://bugzilla.suse.com/1195099"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195287",
        "url": "https://bugzilla.suse.com/1195287"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195478",
        "url": "https://bugzilla.suse.com/1195478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195482",
        "url": "https://bugzilla.suse.com/1195482"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195504",
        "url": "https://bugzilla.suse.com/1195504"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195651",
        "url": "https://bugzilla.suse.com/1195651"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195668",
        "url": "https://bugzilla.suse.com/1195668"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195669",
        "url": "https://bugzilla.suse.com/1195669"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195775",
        "url": "https://bugzilla.suse.com/1195775"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195823",
        "url": "https://bugzilla.suse.com/1195823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195826",
        "url": "https://bugzilla.suse.com/1195826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195913",
        "url": "https://bugzilla.suse.com/1195913"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195915",
        "url": "https://bugzilla.suse.com/1195915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195926",
        "url": "https://bugzilla.suse.com/1195926"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195944",
        "url": "https://bugzilla.suse.com/1195944"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195957",
        "url": "https://bugzilla.suse.com/1195957"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196114",
        "url": "https://bugzilla.suse.com/1196114"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196130",
        "url": "https://bugzilla.suse.com/1196130"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196213",
        "url": "https://bugzilla.suse.com/1196213"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196306",
        "url": "https://bugzilla.suse.com/1196306"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196367",
        "url": "https://bugzilla.suse.com/1196367"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196400",
        "url": "https://bugzilla.suse.com/1196400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196426",
        "url": "https://bugzilla.suse.com/1196426"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196478",
        "url": "https://bugzilla.suse.com/1196478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196514",
        "url": "https://bugzilla.suse.com/1196514"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196570",
        "url": "https://bugzilla.suse.com/1196570"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196869",
        "url": "https://bugzilla.suse.com/1196869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196901",
        "url": "https://bugzilla.suse.com/1196901"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196930",
        "url": "https://bugzilla.suse.com/1196930"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196942",
        "url": "https://bugzilla.suse.com/1196942"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196960",
        "url": "https://bugzilla.suse.com/1196960"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197016",
        "url": "https://bugzilla.suse.com/1197016"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197157",
        "url": "https://bugzilla.suse.com/1197157"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197227",
        "url": "https://bugzilla.suse.com/1197227"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197243",
        "url": "https://bugzilla.suse.com/1197243"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197292",
        "url": "https://bugzilla.suse.com/1197292"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197302",
        "url": "https://bugzilla.suse.com/1197302"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197303",
        "url": "https://bugzilla.suse.com/1197303"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197304",
        "url": "https://bugzilla.suse.com/1197304"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197362",
        "url": "https://bugzilla.suse.com/1197362"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197386",
        "url": "https://bugzilla.suse.com/1197386"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197501",
        "url": "https://bugzilla.suse.com/1197501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197601",
        "url": "https://bugzilla.suse.com/1197601"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197661",
        "url": "https://bugzilla.suse.com/1197661"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197675",
        "url": "https://bugzilla.suse.com/1197675"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197761",
        "url": "https://bugzilla.suse.com/1197761"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197817",
        "url": "https://bugzilla.suse.com/1197817"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197819",
        "url": "https://bugzilla.suse.com/1197819"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197820",
        "url": "https://bugzilla.suse.com/1197820"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197888",
        "url": "https://bugzilla.suse.com/1197888"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197889",
        "url": "https://bugzilla.suse.com/1197889"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197894",
        "url": "https://bugzilla.suse.com/1197894"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197915",
        "url": "https://bugzilla.suse.com/1197915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197917",
        "url": "https://bugzilla.suse.com/1197917"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197918",
        "url": "https://bugzilla.suse.com/1197918"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197920",
        "url": "https://bugzilla.suse.com/1197920"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197921",
        "url": "https://bugzilla.suse.com/1197921"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197922",
        "url": "https://bugzilla.suse.com/1197922"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197926",
        "url": "https://bugzilla.suse.com/1197926"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198009",
        "url": "https://bugzilla.suse.com/1198009"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198010",
        "url": "https://bugzilla.suse.com/1198010"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198012",
        "url": "https://bugzilla.suse.com/1198012"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198013",
        "url": "https://bugzilla.suse.com/1198013"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198014",
        "url": "https://bugzilla.suse.com/1198014"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198015",
        "url": "https://bugzilla.suse.com/1198015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198016",
        "url": "https://bugzilla.suse.com/1198016"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198017",
        "url": "https://bugzilla.suse.com/1198017"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198018",
        "url": "https://bugzilla.suse.com/1198018"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198019",
        "url": "https://bugzilla.suse.com/1198019"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198020",
        "url": "https://bugzilla.suse.com/1198020"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198021",
        "url": "https://bugzilla.suse.com/1198021"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198022",
        "url": "https://bugzilla.suse.com/1198022"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198023",
        "url": "https://bugzilla.suse.com/1198023"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198024",
        "url": "https://bugzilla.suse.com/1198024"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198027",
        "url": "https://bugzilla.suse.com/1198027"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198030",
        "url": "https://bugzilla.suse.com/1198030"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198034",
        "url": "https://bugzilla.suse.com/1198034"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198058",
        "url": "https://bugzilla.suse.com/1198058"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198217",
        "url": "https://bugzilla.suse.com/1198217"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198379",
        "url": "https://bugzilla.suse.com/1198379"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198400",
        "url": "https://bugzilla.suse.com/1198400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198402",
        "url": "https://bugzilla.suse.com/1198402"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198410",
        "url": "https://bugzilla.suse.com/1198410"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198412",
        "url": "https://bugzilla.suse.com/1198412"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198413",
        "url": "https://bugzilla.suse.com/1198413"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198438",
        "url": "https://bugzilla.suse.com/1198438"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198484",
        "url": "https://bugzilla.suse.com/1198484"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198577",
        "url": "https://bugzilla.suse.com/1198577"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198585",
        "url": "https://bugzilla.suse.com/1198585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198660",
        "url": "https://bugzilla.suse.com/1198660"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198802",
        "url": "https://bugzilla.suse.com/1198802"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198803",
        "url": "https://bugzilla.suse.com/1198803"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198806",
        "url": "https://bugzilla.suse.com/1198806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198811",
        "url": "https://bugzilla.suse.com/1198811"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198826",
        "url": "https://bugzilla.suse.com/1198826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198829",
        "url": "https://bugzilla.suse.com/1198829"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198835",
        "url": "https://bugzilla.suse.com/1198835"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198968",
        "url": "https://bugzilla.suse.com/1198968"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198971",
        "url": "https://bugzilla.suse.com/1198971"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199011",
        "url": "https://bugzilla.suse.com/1199011"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199024",
        "url": "https://bugzilla.suse.com/1199024"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199035",
        "url": "https://bugzilla.suse.com/1199035"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199046",
        "url": "https://bugzilla.suse.com/1199046"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199052",
        "url": "https://bugzilla.suse.com/1199052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199063",
        "url": "https://bugzilla.suse.com/1199063"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199163",
        "url": "https://bugzilla.suse.com/1199163"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199173",
        "url": "https://bugzilla.suse.com/1199173"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199260",
        "url": "https://bugzilla.suse.com/1199260"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199314",
        "url": "https://bugzilla.suse.com/1199314"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199390",
        "url": "https://bugzilla.suse.com/1199390"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199426",
        "url": "https://bugzilla.suse.com/1199426"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199433",
        "url": "https://bugzilla.suse.com/1199433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199439",
        "url": "https://bugzilla.suse.com/1199439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199482",
        "url": "https://bugzilla.suse.com/1199482"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199487",
        "url": "https://bugzilla.suse.com/1199487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199505",
        "url": "https://bugzilla.suse.com/1199505"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199507",
        "url": "https://bugzilla.suse.com/1199507"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199605",
        "url": "https://bugzilla.suse.com/1199605"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199611",
        "url": "https://bugzilla.suse.com/1199611"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199626",
        "url": "https://bugzilla.suse.com/1199626"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199631",
        "url": "https://bugzilla.suse.com/1199631"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199650",
        "url": "https://bugzilla.suse.com/1199650"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199657",
        "url": "https://bugzilla.suse.com/1199657"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199674",
        "url": "https://bugzilla.suse.com/1199674"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199736",
        "url": "https://bugzilla.suse.com/1199736"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199793",
        "url": "https://bugzilla.suse.com/1199793"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199839",
        "url": "https://bugzilla.suse.com/1199839"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199875",
        "url": "https://bugzilla.suse.com/1199875"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199909",
        "url": "https://bugzilla.suse.com/1199909"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200015",
        "url": "https://bugzilla.suse.com/1200015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200019",
        "url": "https://bugzilla.suse.com/1200019"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200045",
        "url": "https://bugzilla.suse.com/1200045"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200046",
        "url": "https://bugzilla.suse.com/1200046"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200144",
        "url": "https://bugzilla.suse.com/1200144"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200205",
        "url": "https://bugzilla.suse.com/1200205"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200211",
        "url": "https://bugzilla.suse.com/1200211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200259",
        "url": "https://bugzilla.suse.com/1200259"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200263",
        "url": "https://bugzilla.suse.com/1200263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200284",
        "url": "https://bugzilla.suse.com/1200284"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200315",
        "url": "https://bugzilla.suse.com/1200315"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200343",
        "url": "https://bugzilla.suse.com/1200343"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200420",
        "url": "https://bugzilla.suse.com/1200420"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200442",
        "url": "https://bugzilla.suse.com/1200442"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200475",
        "url": "https://bugzilla.suse.com/1200475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200502",
        "url": "https://bugzilla.suse.com/1200502"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200567",
        "url": "https://bugzilla.suse.com/1200567"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200569",
        "url": "https://bugzilla.suse.com/1200569"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200571",
        "url": "https://bugzilla.suse.com/1200571"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200599",
        "url": "https://bugzilla.suse.com/1200599"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200600",
        "url": "https://bugzilla.suse.com/1200600"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200608",
        "url": "https://bugzilla.suse.com/1200608"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200611",
        "url": "https://bugzilla.suse.com/1200611"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200619",
        "url": "https://bugzilla.suse.com/1200619"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200692",
        "url": "https://bugzilla.suse.com/1200692"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200762",
        "url": "https://bugzilla.suse.com/1200762"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200763",
        "url": "https://bugzilla.suse.com/1200763"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200806",
        "url": "https://bugzilla.suse.com/1200806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200807",
        "url": "https://bugzilla.suse.com/1200807"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200808",
        "url": "https://bugzilla.suse.com/1200808"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200809",
        "url": "https://bugzilla.suse.com/1200809"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200810",
        "url": "https://bugzilla.suse.com/1200810"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200812",
        "url": "https://bugzilla.suse.com/1200812"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200813",
        "url": "https://bugzilla.suse.com/1200813"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200815",
        "url": "https://bugzilla.suse.com/1200815"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200816",
        "url": "https://bugzilla.suse.com/1200816"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200820",
        "url": "https://bugzilla.suse.com/1200820"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200821",
        "url": "https://bugzilla.suse.com/1200821"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200822",
        "url": "https://bugzilla.suse.com/1200822"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200824",
        "url": "https://bugzilla.suse.com/1200824"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200825",
        "url": "https://bugzilla.suse.com/1200825"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200827",
        "url": "https://bugzilla.suse.com/1200827"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200828",
        "url": "https://bugzilla.suse.com/1200828"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200829",
        "url": "https://bugzilla.suse.com/1200829"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200830",
        "url": "https://bugzilla.suse.com/1200830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200845",
        "url": "https://bugzilla.suse.com/1200845"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200882",
        "url": "https://bugzilla.suse.com/1200882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200925",
        "url": "https://bugzilla.suse.com/1200925"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201050",
        "url": "https://bugzilla.suse.com/1201050"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201080",
        "url": "https://bugzilla.suse.com/1201080"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201160",
        "url": "https://bugzilla.suse.com/1201160"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201171",
        "url": "https://bugzilla.suse.com/1201171"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201177",
        "url": "https://bugzilla.suse.com/1201177"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201193",
        "url": "https://bugzilla.suse.com/1201193"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201196",
        "url": "https://bugzilla.suse.com/1201196"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201218",
        "url": "https://bugzilla.suse.com/1201218"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201222",
        "url": "https://bugzilla.suse.com/1201222"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201228",
        "url": "https://bugzilla.suse.com/1201228"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201251",
        "url": "https://bugzilla.suse.com/1201251"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201381",
        "url": "https://bugzilla.suse.com/1201381"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201471",
        "url": "https://bugzilla.suse.com/1201471"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201524",
        "url": "https://bugzilla.suse.com/1201524"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-26341 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-26341/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33061 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33061/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-4204 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-4204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45402 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0264 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0264/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0494 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1012 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1012/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1016 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1016/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1184 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1198 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1198/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1205 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1462 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1462/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1508 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1508/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1651 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1651/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1652 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1652/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1671 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1671/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1679 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1679/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1729 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1729/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1734 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1789 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1852 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1852/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1966 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1972 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1974 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1998 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1998/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-20132 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-20132/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-20154 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-20154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21123 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21123/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21125 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21125/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21127 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21127/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21166 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21166/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21180 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21499 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2318 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2318/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23222 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23222/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26365 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29582 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29582/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29900 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29900/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29901 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29901/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30594 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30594/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33740 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33741 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33742 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33743 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33981 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33981/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34918 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34918/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-07-21T16:35:09Z",
      "generator": {
        "date": "2022-07-21T16:35:09Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:2520-1",
      "initial_release_date": "2022-07-21T16:35:09Z",
      "revision_history": [
        {
          "date": "2022-07-21T16:35:09Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-allwinner-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-altera-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-altera-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-altera-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amazon-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-amazon-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-amazon-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amd-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-amd-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-amd-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-amlogic-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-apm-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-apm-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-apm-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-apple-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-apple-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-apple-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-arm-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-arm-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-arm-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-broadcom-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-cavium-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-cavium-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-cavium-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-exynos-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-exynos-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-exynos-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-freescale-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-freescale-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-freescale-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-hisilicon-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-lg-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-lg-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-lg-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-marvell-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-marvell-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-marvell-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-mediatek-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-nvidia-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-qcom-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-qcom-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-qcom-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-renesas-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-renesas-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-renesas-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-rockchip-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-socionext-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-socionext-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-socionext-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-sprd-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-sprd-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-sprd-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "dtb-xilinx-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-default-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
                "product": {
                  "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
                  "product_id": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-default-extra-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-default-optional-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-obs-qa-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kernel-syms-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kernel-syms-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
                  "product_id": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-5.14.21-150400.24.11.1.noarch",
                "product": {
                  "name": "kernel-devel-5.14.21-150400.24.11.1.noarch",
                  "product_id": "kernel-devel-5.14.21-150400.24.11.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-5.14.21-150400.24.11.1.noarch",
                "product": {
                  "name": "kernel-docs-5.14.21-150400.24.11.1.noarch",
                  "product_id": "kernel-docs-5.14.21-150400.24.11.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-5.14.21-150400.24.11.1.noarch",
                "product": {
                  "name": "kernel-docs-html-5.14.21-150400.24.11.1.noarch",
                  "product_id": "kernel-docs-html-5.14.21-150400.24.11.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-5.14.21-150400.24.11.1.noarch",
                "product": {
                  "name": "kernel-macros-5.14.21-150400.24.11.1.noarch",
                  "product_id": "kernel-macros-5.14.21-150400.24.11.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-5.14.21-150400.24.11.1.noarch",
                "product": {
                  "name": "kernel-source-5.14.21-150400.24.11.1.noarch",
                  "product_id": "kernel-source-5.14.21-150400.24.11.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
                  "product_id": "kernel-source-vanilla-5.14.21-150400.24.11.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-debug-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-debug-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-default-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
                "product": {
                  "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
                  "product_id": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-default-extra-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-default-optional-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kernel-syms-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kernel-syms-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
                  "product_id": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-default-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
                "product": {
                  "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
                  "product_id": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-default-devel-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-default-extra-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-default-optional-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-obs-build-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-obs-qa-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-syms-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-syms-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "kselftests-kmp-default-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
                  "product_id": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-debug-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-debug-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-debug-devel-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-default-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
                "product": {
                  "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
                  "product_id": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-default-optional-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-obs-qa-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kernel-syms-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kernel-syms-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
                  "product_id": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Legacy 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Legacy 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-legacy:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP4",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 15 SP4",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.14.21-150400.24.11.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-devel-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150400.24.11.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.14.21-150400.24.11.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-docs-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150400.24.11.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-allwinner-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-altera-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-altera-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-amazon-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-amazon-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-amd-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-amd-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-amlogic-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-apm-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-apm-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-apple-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-apple-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-arm-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-arm-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-broadcom-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-cavium-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-cavium-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-exynos-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-exynos-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-freescale-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-freescale-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-hisilicon-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-lg-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-lg-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-marvell-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-marvell-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-mediatek-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-nvidia-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-qcom-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-qcom-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-renesas-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-renesas-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-rockchip-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-socionext-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-socionext-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-sprd-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-sprd-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-xilinx-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-debug-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-debug-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64"
        },
        "product_reference": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le"
        },
        "product_reference": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x"
        },
        "product_reference": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64"
        },
        "product_reference": "kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-extra-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-default-optional-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.14.21-150400.24.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-devel-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.14.21-150400.24.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-docs-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-html-5.14.21-150400.24.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-docs-html-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150400.24.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150400.24.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-vanilla-5.14.21-150400.24.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch"
        },
        "product_reference": "kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kernel-syms-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26341",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-26341"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-26341",
          "url": "https://www.suse.com/security/cve/CVE-2021-26341"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2021-26341",
          "url": "https://bugzilla.suse.com/1196901"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201050 for CVE-2021-26341",
          "url": "https://bugzilla.suse.com/1201050"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-26341"
    },
    {
      "cve": "CVE-2021-33061",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33061"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33061",
          "url": "https://www.suse.com/security/cve/CVE-2021-33061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196426 for CVE-2021-33061",
          "url": "https://bugzilla.suse.com/1196426"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-33061"
    },
    {
      "cve": "CVE-2021-4204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-4204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds (OOB) memory access flaw was found in the Linux kernel\u0027s eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-4204",
          "url": "https://www.suse.com/security/cve/CVE-2021-4204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194111 for CVE-2021-4204",
          "url": "https://bugzilla.suse.com/1194111"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-4204"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45402",
          "url": "https://www.suse.com/security/cve/CVE-2021-45402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196130 for CVE-2021-45402",
          "url": "https://bugzilla.suse.com/1196130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45402"
    },
    {
      "cve": "CVE-2022-0264",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0264"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions \u003c v5.16-rc6",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0264",
          "url": "https://www.suse.com/security/cve/CVE-2022-0264"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194826 for CVE-2022-0264",
          "url": "https://bugzilla.suse.com/1194826"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0264"
    },
    {
      "cve": "CVE-2022-0494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0494",
          "url": "https://www.suse.com/security/cve/CVE-2022-0494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197386 for CVE-2022-0494",
          "url": "https://bugzilla.suse.com/1197386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207783 for CVE-2022-0494",
          "url": "https://bugzilla.suse.com/1207783"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0494"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-1012",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1012"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1012",
          "url": "https://www.suse.com/security/cve/CVE-2022-1012"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199482 for CVE-2022-1012",
          "url": "https://bugzilla.suse.com/1199482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199694 for CVE-2022-1012",
          "url": "https://bugzilla.suse.com/1199694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202335 for CVE-2022-1012",
          "url": "https://bugzilla.suse.com/1202335"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1012"
    },
    {
      "cve": "CVE-2022-1016",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1016"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle \u0027return\u0027 with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1016",
          "url": "https://www.suse.com/security/cve/CVE-2022-1016"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197335 for CVE-2022-1016",
          "url": "https://bugzilla.suse.com/1197335"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1016"
    },
    {
      "cve": "CVE-2022-1184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u0027s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1184",
          "url": "https://www.suse.com/security/cve/CVE-2022-1184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198577 for CVE-2022-1184",
          "url": "https://bugzilla.suse.com/1198577"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210859 for CVE-2022-1184",
          "url": "https://bugzilla.suse.com/1210859"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1184"
    },
    {
      "cve": "CVE-2022-1198",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1198"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1198",
          "url": "https://www.suse.com/security/cve/CVE-2022-1198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198030 for CVE-2022-1198",
          "url": "https://bugzilla.suse.com/1198030"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1198"
    },
    {
      "cve": "CVE-2022-1205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1205",
          "url": "https://www.suse.com/security/cve/CVE-2022-1205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198027 for CVE-2022-1205",
          "url": "https://bugzilla.suse.com/1198027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1205"
    },
    {
      "cve": "CVE-2022-1462",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1462"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read flaw was found in the Linux kernel\u0027s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1462",
          "url": "https://www.suse.com/security/cve/CVE-2022-1462"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198829 for CVE-2022-1462",
          "url": "https://bugzilla.suse.com/1198829"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1462"
    },
    {
      "cve": "CVE-2022-1508",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1508"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read flaw was found in the Linux kernel\u0027s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1508",
          "url": "https://www.suse.com/security/cve/CVE-2022-1508"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198968 for CVE-2022-1508",
          "url": "https://bugzilla.suse.com/1198968"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1508"
    },
    {
      "cve": "CVE-2022-1651",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1651"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1651",
          "url": "https://www.suse.com/security/cve/CVE-2022-1651"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199433 for CVE-2022-1651",
          "url": "https://bugzilla.suse.com/1199433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1651"
    },
    {
      "cve": "CVE-2022-1652",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1652"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1652",
          "url": "https://www.suse.com/security/cve/CVE-2022-1652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199063 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1199063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200057 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1200057"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200751 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1200751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201034 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1201034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1201832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212307 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1212307"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1652"
    },
    {
      "cve": "CVE-2022-1671",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1671"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1671",
          "url": "https://www.suse.com/security/cve/CVE-2022-1671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199439 for CVE-2022-1671",
          "url": "https://bugzilla.suse.com/1199439"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1671"
    },
    {
      "cve": "CVE-2022-1679",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1679"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1679",
          "url": "https://www.suse.com/security/cve/CVE-2022-1679"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199487 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1199487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201080 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1201080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1201832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212316 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1212316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1679"
    },
    {
      "cve": "CVE-2022-1729",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1729"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1729",
          "url": "https://www.suse.com/security/cve/CVE-2022-1729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199507 for CVE-2022-1729",
          "url": "https://bugzilla.suse.com/1199507"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199697 for CVE-2022-1729",
          "url": "https://bugzilla.suse.com/1199697"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1729",
          "url": "https://bugzilla.suse.com/1201832"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1729"
    },
    {
      "cve": "CVE-2022-1734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1734",
          "url": "https://www.suse.com/security/cve/CVE-2022-1734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199605 for CVE-2022-1734",
          "url": "https://bugzilla.suse.com/1199605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199606 for CVE-2022-1734",
          "url": "https://bugzilla.suse.com/1199606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1734",
          "url": "https://bugzilla.suse.com/1201832"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1734"
    },
    {
      "cve": "CVE-2022-1789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1789",
          "url": "https://www.suse.com/security/cve/CVE-2022-1789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199674 for CVE-2022-1789",
          "url": "https://bugzilla.suse.com/1199674"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1789"
    },
    {
      "cve": "CVE-2022-1852",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1852"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1852",
          "url": "https://www.suse.com/security/cve/CVE-2022-1852"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199875 for CVE-2022-1852",
          "url": "https://bugzilla.suse.com/1199875"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1852"
    },
    {
      "cve": "CVE-2022-1966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1966",
          "url": "https://www.suse.com/security/cve/CVE-2022-1966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200015 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200015"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200268 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200268"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200494 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200529 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200529"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1966"
    },
    {
      "cve": "CVE-2022-1972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1972",
          "url": "https://www.suse.com/security/cve/CVE-2022-1972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200019 for CVE-2022-1972",
          "url": "https://bugzilla.suse.com/1200019"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200266 for CVE-2022-1972",
          "url": "https://bugzilla.suse.com/1200266"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1972"
    },
    {
      "cve": "CVE-2022-1974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1974",
          "url": "https://www.suse.com/security/cve/CVE-2022-1974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200144 for CVE-2022-1974",
          "url": "https://bugzilla.suse.com/1200144"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200265 for CVE-2022-1974",
          "url": "https://bugzilla.suse.com/1200265"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1974"
    },
    {
      "cve": "CVE-2022-1998",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1998"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1998",
          "url": "https://www.suse.com/security/cve/CVE-2022-1998"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200284 for CVE-2022-1998",
          "url": "https://bugzilla.suse.com/1200284"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1998"
    },
    {
      "cve": "CVE-2022-20132",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-20132"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-20132",
          "url": "https://www.suse.com/security/cve/CVE-2022-20132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200619 for CVE-2022-20132",
          "url": "https://bugzilla.suse.com/1200619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212287 for CVE-2022-20132",
          "url": "https://bugzilla.suse.com/1212287"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-20132"
    },
    {
      "cve": "CVE-2022-20154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-20154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-20154",
          "url": "https://www.suse.com/security/cve/CVE-2022-20154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200599 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1200599"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200608 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1200608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224298 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1224298"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224878 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1224878"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-20154"
    },
    {
      "cve": "CVE-2022-21123",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21123"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21123",
          "url": "https://www.suse.com/security/cve/CVE-2022-21123"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21123",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21123",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209075 for CVE-2022-21123",
          "url": "https://bugzilla.suse.com/1209075"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21123"
    },
    {
      "cve": "CVE-2022-21125",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21125"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21125",
          "url": "https://www.suse.com/security/cve/CVE-2022-21125"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21125",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21125",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209074 for CVE-2022-21125",
          "url": "https://bugzilla.suse.com/1209074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21125"
    },
    {
      "cve": "CVE-2022-21127",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21127"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21127",
          "url": "https://www.suse.com/security/cve/CVE-2022-21127"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21127",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21127",
          "url": "https://bugzilla.suse.com/1200549"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21127"
    },
    {
      "cve": "CVE-2022-21166",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21166"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21166",
          "url": "https://www.suse.com/security/cve/CVE-2022-21166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21166",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21166",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209073 for CVE-2022-21166",
          "url": "https://bugzilla.suse.com/1209073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21166"
    },
    {
      "cve": "CVE-2022-21180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21180",
          "url": "https://www.suse.com/security/cve/CVE-2022-21180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21180",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21180",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212313 for CVE-2022-21180",
          "url": "https://bugzilla.suse.com/1212313"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21180"
    },
    {
      "cve": "CVE-2022-21499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21499",
          "url": "https://www.suse.com/security/cve/CVE-2022-21499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199426 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1199426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200059 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1200059"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203034 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1203034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212315 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1212315"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-21499"
    },
    {
      "cve": "CVE-2022-2318",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2318"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2318",
          "url": "https://www.suse.com/security/cve/CVE-2022-2318"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201251 for CVE-2022-2318",
          "url": "https://bugzilla.suse.com/1201251"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212303 for CVE-2022-2318",
          "url": "https://bugzilla.suse.com/1212303"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-2318"
    },
    {
      "cve": "CVE-2022-23222",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23222"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23222",
          "url": "https://www.suse.com/security/cve/CVE-2022-23222"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194765 for CVE-2022-23222",
          "url": "https://bugzilla.suse.com/1194765"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-23222"
    },
    {
      "cve": "CVE-2022-26365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26365",
          "url": "https://www.suse.com/security/cve/CVE-2022-26365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-26365",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26365"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    },
    {
      "cve": "CVE-2022-29582",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29582"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29582",
          "url": "https://www.suse.com/security/cve/CVE-2022-29582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198811 for CVE-2022-29582",
          "url": "https://bugzilla.suse.com/1198811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199750 for CVE-2022-29582",
          "url": "https://bugzilla.suse.com/1199750"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29582"
    },
    {
      "cve": "CVE-2022-29900",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29900"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29900",
          "url": "https://www.suse.com/security/cve/CVE-2022-29900"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199657 for CVE-2022-29900",
          "url": "https://bugzilla.suse.com/1199657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201469 for CVE-2022-29900",
          "url": "https://bugzilla.suse.com/1201469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207894 for CVE-2022-29900",
          "url": "https://bugzilla.suse.com/1207894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29900"
    },
    {
      "cve": "CVE-2022-29901",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29901"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29901",
          "url": "https://www.suse.com/security/cve/CVE-2022-29901"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201469 for CVE-2022-29901",
          "url": "https://bugzilla.suse.com/1201469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207894 for CVE-2022-29901",
          "url": "https://bugzilla.suse.com/1207894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29901"
    },
    {
      "cve": "CVE-2022-30594",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30594"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30594",
          "url": "https://www.suse.com/security/cve/CVE-2022-30594"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199505 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1199505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199602 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1199602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201549 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1201549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-30594"
    },
    {
      "cve": "CVE-2022-33740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33740",
          "url": "https://www.suse.com/security/cve/CVE-2022-33740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33740",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33740"
    },
    {
      "cve": "CVE-2022-33741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33741",
          "url": "https://www.suse.com/security/cve/CVE-2022-33741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33741",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33741"
    },
    {
      "cve": "CVE-2022-33742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33742",
          "url": "https://www.suse.com/security/cve/CVE-2022-33742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33742",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33742"
    },
    {
      "cve": "CVE-2022-33743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33743",
          "url": "https://www.suse.com/security/cve/CVE-2022-33743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200763 for CVE-2022-33743",
          "url": "https://bugzilla.suse.com/1200763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201629 for CVE-2022-33743",
          "url": "https://bugzilla.suse.com/1201629"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-33743"
    },
    {
      "cve": "CVE-2022-33981",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33981"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33981",
          "url": "https://www.suse.com/security/cve/CVE-2022-33981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200692 for CVE-2022-33981",
          "url": "https://bugzilla.suse.com/1200692"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33981"
    },
    {
      "cve": "CVE-2022-34918",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34918"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
          "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
          "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34918",
          "url": "https://www.suse.com/security/cve/CVE-2022-34918"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201171 for CVE-2022-34918",
          "url": "https://bugzilla.suse.com/1201171"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201177 for CVE-2022-34918",
          "url": "https://bugzilla.suse.com/1201177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201222 for CVE-2022-34918",
          "url": "https://bugzilla.suse.com/1201222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_11-default-1-150400.9.5.3.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.aarch64",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.ppc64le",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.s390x",
            "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.11.1.150400.24.3.6.x86_64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.11.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.11.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.ppc64le",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.s390x",
            "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-07-21T16:35:09Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-34918"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n\nThe following non-security bugs were fixed:\n\n- NFSv4.x: by default serialize open/close operations (bsc#1114893 bsc#1195934).\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).\n- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-757,SUSE-OpenStack-Cloud-9-2022-757,SUSE-OpenStack-Cloud-Crowbar-9-2022-757,SUSE-SLE-HA-12-SP4-2022-757,SUSE-SLE-Live-Patching-12-SP4-2022-757,SUSE-SLE-SAP-12-SP4-2022-757,SUSE-SLE-SERVER-12-SP4-LTSS-2022-757",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0757-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0757-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220757-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0757-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010402.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1107207",
        "url": "https://bugzilla.suse.com/1107207"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114893",
        "url": "https://bugzilla.suse.com/1114893"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195934",
        "url": "https://bugzilla.suse.com/1195934"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196601",
        "url": "https://bugzilla.suse.com/1196601"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-08T18:04:15Z",
      "generator": {
        "date": "2022-03-08T18:04:15Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0757-1",
      "initial_release_date": "2022-03-08T18:04:15Z",
      "revision_history": [
        {
          "date": "2022-03-08T18:04:15Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-95.93.1.aarch64",
                  "product_id": "cluster-md-kmp-default-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-95.93.1.aarch64",
                  "product_id": "dlm-kmp-default-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-95.93.1.aarch64",
                  "product_id": "gfs2-kmp-default-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-default-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-default-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-default-base-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-default-base-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-default-devel-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-default-extra-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-default-kgraft-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-obs-build-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-obs-qa-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-syms-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-syms-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-vanilla-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-vanilla-base-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-vanilla-devel-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.aarch64",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-95.93.1.aarch64",
                  "product_id": "kselftests-kmp-default-4.12.14-95.93.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-95.93.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-95.93.1.aarch64",
                  "product_id": "ocfs2-kmp-default-4.12.14-95.93.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-4.12.14-95.93.1.noarch",
                "product": {
                  "name": "kernel-devel-4.12.14-95.93.1.noarch",
                  "product_id": "kernel-devel-4.12.14-95.93.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-4.12.14-95.93.1.noarch",
                "product": {
                  "name": "kernel-docs-4.12.14-95.93.1.noarch",
                  "product_id": "kernel-docs-4.12.14-95.93.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-4.12.14-95.93.1.noarch",
                "product": {
                  "name": "kernel-docs-html-4.12.14-95.93.1.noarch",
                  "product_id": "kernel-docs-html-4.12.14-95.93.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-4.12.14-95.93.1.noarch",
                "product": {
                  "name": "kernel-macros-4.12.14-95.93.1.noarch",
                  "product_id": "kernel-macros-4.12.14-95.93.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-4.12.14-95.93.1.noarch",
                "product": {
                  "name": "kernel-source-4.12.14-95.93.1.noarch",
                  "product_id": "kernel-source-4.12.14-95.93.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-4.12.14-95.93.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-4.12.14-95.93.1.noarch",
                  "product_id": "kernel-source-vanilla-4.12.14-95.93.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-95.93.1.ppc64le",
                  "product_id": "dlm-kmp-default-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
                  "product_id": "gfs2-kmp-default-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-debug-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-debug-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-debug-base-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-debug-base-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-debug-devel-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-kgraft-devel-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-debug-kgraft-devel-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-debug-kgraft-devel-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-default-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-default-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-default-base-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-default-base-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-default-devel-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-default-extra-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-default-kgraft-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-obs-build-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-obs-qa-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-syms-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-syms-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-vanilla-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-vanilla-base-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-vanilla-devel-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.ppc64le",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
                "product": {
                  "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
                  "product_id": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-95.93.1.ppc64le",
                  "product_id": "kselftests-kmp-default-4.12.14-95.93.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-4.12.14-95.93.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-95.93.1.s390x",
                  "product_id": "cluster-md-kmp-default-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-95.93.1.s390x",
                  "product_id": "dlm-kmp-default-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-95.93.1.s390x",
                  "product_id": "gfs2-kmp-default-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-base-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-base-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-devel-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-devel-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-extra-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-extra-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-kgraft-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-default-man-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-default-man-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-obs-build-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-obs-build-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-obs-qa-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-syms-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-syms-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-vanilla-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-vanilla-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-vanilla-base-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-vanilla-devel-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-zfcpdump-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-man-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-man-4.12.14-95.93.1.s390x",
                  "product_id": "kernel-zfcpdump-man-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
                "product": {
                  "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
                  "product_id": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-95.93.1.s390x",
                  "product_id": "kselftests-kmp-default-4.12.14-95.93.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-95.93.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-95.93.1.s390x",
                  "product_id": "ocfs2-kmp-default-4.12.14-95.93.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
                  "product_id": "cluster-md-kmp-default-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-95.93.1.x86_64",
                  "product_id": "dlm-kmp-default-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-95.93.1.x86_64",
                  "product_id": "gfs2-kmp-default-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-debug-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-debug-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-debug-base-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-debug-base-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-debug-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-kgraft-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-debug-kgraft-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-debug-kgraft-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-default-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-default-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-default-base-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-default-base-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-default-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-default-extra-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-default-kgraft-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-kvmsmall-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-base-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-base-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-kvmsmall-base-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-kgraft-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-kgraft-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-obs-build-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-obs-qa-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-syms-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-syms-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-vanilla-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-vanilla-base-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-vanilla-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.x86_64",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
                "product": {
                  "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
                  "product_id": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-95.93.1.x86_64",
                  "product_id": "kselftests-kmp-default-4.12.14-95.93.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
                  "product_id": "ocfs2-kmp-default-4.12.14-95.93.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE OpenStack Cloud 9",
                "product": {
                  "name": "SUSE OpenStack Cloud 9",
                  "product_id": "SUSE OpenStack Cloud 9",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-openstack-cloud:9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE OpenStack Cloud Crowbar 9",
                "product": {
                  "name": "SUSE OpenStack Cloud Crowbar 9",
                  "product_id": "SUSE OpenStack Cloud Crowbar 9",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:12:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12 SP4",
                  "product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-95.93.1.noarch as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-95.93.1.noarch as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-95.93.1.noarch as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud 9",
          "product_id": "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-95.93.1.noarch as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-95.93.1.noarch as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-95.93.1.noarch as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
          "product_id": "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x"
        },
        "product_reference": "dlm-kmp-default-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-default-kgraft-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-kgraft-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le"
        },
        "product_reference": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x"
        },
        "product_reference": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64"
        },
        "product_reference": "kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-95.93.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-95.93.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-95.93.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-95.93.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-95.93.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-95.93.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-95.93.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-95.93.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-95.93.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
          "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
          "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-1-6.5.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.s390x",
            "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.93.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.93.1.noarch",
            "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.93.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:04:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n\n\nThe following non-security bugs were fixed:\n\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-768,SUSE-SLE-Module-Live-Patching-15-SP1-2022-768,SUSE-SLE-Product-HA-15-SP1-2022-768,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-768,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-768,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-768,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-768,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-768,SUSE-Storage-6-2022-768",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0768-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0768-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220768-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0768-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010395.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-09T09:10:04Z",
      "generator": {
        "date": "2022-03-09T09:10:04Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0768-1",
      "initial_release_date": "2022-03-09T09:10:04Z",
      "revision_history": [
        {
          "date": "2022-03-09T09:10:04Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
                  "product_id": "cluster-md-kmp-default-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-197.108.1.aarch64",
                  "product_id": "dlm-kmp-default-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-197.108.1.aarch64",
                  "product_id": "gfs2-kmp-default-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-default-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-default-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-default-base-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-default-base-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-default-devel-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-default-extra-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-default-livepatch-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-obs-build-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-obs-qa-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-syms-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-syms-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-197.108.1.aarch64",
                  "product_id": "kselftests-kmp-default-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
                  "product_id": "ocfs2-kmp-default-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
                  "product_id": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-4.12.14-197.108.1.noarch",
                "product": {
                  "name": "kernel-devel-4.12.14-197.108.1.noarch",
                  "product_id": "kernel-devel-4.12.14-197.108.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-4.12.14-197.108.1.noarch",
                "product": {
                  "name": "kernel-docs-4.12.14-197.108.1.noarch",
                  "product_id": "kernel-docs-4.12.14-197.108.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-4.12.14-197.108.1.noarch",
                "product": {
                  "name": "kernel-docs-html-4.12.14-197.108.1.noarch",
                  "product_id": "kernel-docs-html-4.12.14-197.108.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-4.12.14-197.108.1.noarch",
                "product": {
                  "name": "kernel-macros-4.12.14-197.108.1.noarch",
                  "product_id": "kernel-macros-4.12.14-197.108.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-4.12.14-197.108.1.noarch",
                "product": {
                  "name": "kernel-source-4.12.14-197.108.1.noarch",
                  "product_id": "kernel-source-4.12.14-197.108.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-4.12.14-197.108.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-4.12.14-197.108.1.noarch",
                  "product_id": "kernel-source-vanilla-4.12.14-197.108.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "dlm-kmp-default-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "gfs2-kmp-default-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-debug-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-debug-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-debug-base-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-debug-base-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-debug-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-debug-livepatch-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-debug-livepatch-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-default-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-default-base-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-default-base-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-default-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-default-extra-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-default-livepatch-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
                  "product_id": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-obs-build-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-obs-qa-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-syms-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-syms-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "kselftests-kmp-default-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
                  "product_id": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-197.108.1.s390x",
                  "product_id": "cluster-md-kmp-default-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-197.108.1.s390x",
                  "product_id": "dlm-kmp-default-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-197.108.1.s390x",
                  "product_id": "gfs2-kmp-default-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-base-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-base-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-devel-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-devel-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-extra-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-extra-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-livepatch-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-man-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-man-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-obs-build-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-obs-build-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-obs-qa-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-syms-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-syms-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-zfcpdump-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-197.108.1.s390x",
                  "product_id": "kselftests-kmp-default-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-197.108.1.s390x",
                  "product_id": "ocfs2-kmp-default-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-197.108.1.s390x",
                  "product_id": "reiserfs-kmp-default-4.12.14-197.108.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
                  "product_id": "cluster-md-kmp-default-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-197.108.1.x86_64",
                  "product_id": "dlm-kmp-default-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-197.108.1.x86_64",
                  "product_id": "gfs2-kmp-default-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-debug-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-debug-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-debug-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-debug-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-debug-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-debug-livepatch-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-debug-livepatch-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-default-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-default-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-default-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-default-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-default-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-default-extra-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-default-livepatch-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-kvmsmall-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
                  "product_id": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-obs-build-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-obs-qa-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-syms-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-syms-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-197.108.1.x86_64",
                  "product_id": "kselftests-kmp-default-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
                  "product_id": "ocfs2-kmp-default-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
                  "product_id": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP1",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 15 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 15 SP1",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP1-BCL",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP1-BCL",
                  "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_bcl:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 6",
                "product": {
                  "name": "SUSE Enterprise Storage 6",
                  "product_id": "SUSE Enterprise Storage 6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64"
        },
        "product_reference": "kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x"
        },
        "product_reference": "dlm-kmp-default-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-197.108.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-197.108.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-197.108.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-197.108.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-197.108.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-197.108.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-197.108.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-197.108.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-197.108.1.noarch as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-197.108.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-197.108.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Enterprise Storage 6:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_108-default-1-3.3.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-BCL:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-BCL:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-197.108.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-197.108.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-197.108.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:10:04Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).\n- CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864).\n\nThe following non-security bugs were fixed:\n\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- EDAC/altera: Fix deferred probing (bsc#1178134).\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- Hand over the maintainership to SLE15-SP3 maintainers\n- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).\n- IB/hfi1: Fix early init panic (git-fixes).\n- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).\n- IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- RDMA/bnxt_re: Scan the whole bitmap when checking if \u0027disabling RCFW with pending cmd-bit\u0027 (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147).\n- RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes).\n- RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes).\n- RDMA/core: Do not infoleak GRH fields (git-fixes).\n- RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes).\n- RDMA/cxgb4: Set queue pair state when being queried (git-fixes).\n- RDMA/hns: Validate the pkey index (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).\n- RDMA/rxe: Fix a typo in opcode name (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).\n- RDMA/uverbs: Remove the unnecessary assignment (git-fixes).\n- Revert \u0027USB: serial: ch341: add new Product ID for CH341A\u0027 (git-fixes).\n- SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).\n- USB: gadget: validate endpoint index for xilinx udc (git-fixes).\n- USB: gadget: validate interface OS descriptor requests (git-fixes).\n- USB: hub: Clean up use of port initialization schemes and retries (git-fixes).\n- USB: serial: option: add Telit LE910R1 compositions (git-fixes).\n- USB: serial: option: add support for DW5829e (git-fixes).\n- USB: zaurus: support another broken Zaurus (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- asix: fix uninit-value in asix_mdio_read() (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787).\n- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- cpufreq: schedutil: Use kobject release() method to free (git-fixes)\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278).\n- dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).\n- drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).\n- drm/i915: Nuke not needed members of dram_info (bsc#1195211).\n- drm/i915: Remove memory frequency calculation (bsc#1195211).\n- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).\n- exfat: fix incorrect loading of i_blocks for large files (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gtp: remove useless rcu_read_lock() (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- iavf: Fix missing check for running netdev (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (jsc#SLE-12878).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP \u0026 AIN_BUFM bits (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- mac80211: fix forwarded mesh frames AC \u0026 queue selection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mask out added spinlock in rndis_params (git-fixes).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5e: Fix modify header actions memory leak (git-fixes).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172).\n- net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172).\n- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes).\n- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes).\n- net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: sfc: Replace in_interrupt() usage (git-fixes).\n- net: tipc: validate domain record count on input (bsc#1195254).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447).\n- netsec: ignore \u0027phy-mode\u0027 device property on ACPI systems (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). Update config files.\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449).\n- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).\n- powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278).\n- sched/core: Mitigate race (git-fixes)\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: smartpqi: Add PCI IDs (bsc#1196627).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- usb: dwc2: use well defined macros for power_down (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).\n- vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1037,SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1037",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1037-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1037-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221037-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1037-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010570.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176447",
        "url": "https://bugzilla.suse.com/1176447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176774",
        "url": "https://bugzilla.suse.com/1176774"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1178134",
        "url": "https://bugzilla.suse.com/1178134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181147",
        "url": "https://bugzilla.suse.com/1181147"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191428",
        "url": "https://bugzilla.suse.com/1191428"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192273",
        "url": "https://bugzilla.suse.com/1192273"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193731",
        "url": "https://bugzilla.suse.com/1193731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193864",
        "url": "https://bugzilla.suse.com/1193864"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194463",
        "url": "https://bugzilla.suse.com/1194463"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195211",
        "url": "https://bugzilla.suse.com/1195211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195254",
        "url": "https://bugzilla.suse.com/1195254"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195403",
        "url": "https://bugzilla.suse.com/1195403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195905",
        "url": "https://bugzilla.suse.com/1195905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195939",
        "url": "https://bugzilla.suse.com/1195939"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196132",
        "url": "https://bugzilla.suse.com/1196132"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196299",
        "url": "https://bugzilla.suse.com/1196299"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196301",
        "url": "https://bugzilla.suse.com/1196301"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196433",
        "url": "https://bugzilla.suse.com/1196433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196468",
        "url": "https://bugzilla.suse.com/1196468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196472",
        "url": "https://bugzilla.suse.com/1196472"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196627",
        "url": "https://bugzilla.suse.com/1196627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39657 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39657/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25636 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-30T07:36:59Z",
      "generator": {
        "date": "2022-03-30T07:36:59Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1037-1",
      "initial_release_date": "2022-03-30T07:36:59Z",
      "revision_history": [
        {
          "date": "2022-03-30T07:36:59Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
                "product": {
                  "name": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
                  "product_id": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-azure-5.3.18-150300.38.50.1.noarch",
                "product": {
                  "name": "kernel-source-azure-5.3.18-150300.38.50.1.noarch",
                  "product_id": "kernel-source-azure-5.3.18-150300.38.50.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-5.3.18-150300.38.50.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch"
        },
        "product_reference": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-azure-5.3.18-150300.38.50.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch"
        },
        "product_reference": "kernel-source-azure-5.3.18-150300.38.50.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2021-39657",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39657"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39657",
          "url": "https://www.suse.com/security/cve/CVE-2021-39657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193864 for CVE-2021-39657",
          "url": "https://bugzilla.suse.com/1193864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "low"
        }
      ],
      "title": "CVE-2021-39657"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25636",
          "url": "https://www.suse.com/security/cve/CVE-2022-25636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196299 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196301 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196301"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25636"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:36:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n\nThe following non-security bugs were fixed:\n\n- Bluetooth: bfusb: fix division by zero in send path (git-fixes).\n- EDAC/xgene: Fix deferred probing (bsc#1114648).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (bsc#1114685).\n- NFSv4.x: by default serialize open/close operations (bsc#1114893 bsc#1195934). Make this work-around optional\n- NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).\n- NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).\n- NFSv4: Handle case where the lookup of a directory fails (git-fixes).\n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes).\n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (git-fixes).\n- RDMA/bnxt_re: Fix query SRQ failure (bsc#1050244).\n- RDMA/mlx5: Set user priority for DCT (bsc#1103991).\n- RDMA/netlink: Add __maybe_unused to static inline in C file (bsc#1046306).\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- cxgb4: fix eeprom len when diagnostics not implemented (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n- e1000e: Fix packet loss on Tiger Lake and later (bsc#1158533).\n- ext4: avoid trim error on fs with small groups (bsc#1191271).\n- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1195795).\n- gve: Add RX context (bsc#1191655).\n- gve: Add a jumbo-frame device option (bsc#1191655).\n- gve: Add consumed counts to ethtool stats (bsc#1191655).\n- gve: Add netif_set_xps_queue call (bsc#1191655).\n- gve: Add optional metadata descriptor type GVE_TXD_MTD (bsc#1191655).\n- gve: Add rx buffer pagecnt bias (bsc#1191655).\n- gve: Allow pageflips on larger pages (bsc#1191655).\n- gve: Avoid freeing NULL pointer (bsc#1191655).\n- gve: Correct available tx qpl check (bsc#1191655).\n- gve: Correct order of processing device options (bsc#1191655).\n- gve: DQO: avoid unused variable warnings (bsc#1191655).\n- gve: Do lazy cleanup in TX path (bsc#1191655).\n- gve: Fix GFP flags when allocing pages (bsc#1191655).\n- gve: Implement packet continuation for RX (bsc#1191655).\n- gve: Implement suspend/resume/shutdown (bsc#1191655).\n- gve: Move the irq db indexes out of the ntfy block struct (bsc#1191655).\n- gve: Properly handle errors in gve_assign_qpl (bsc#1191655).\n- gve: Recording rx queue before sending to napi (bsc#1191655).\n- gve: Switch to use napi_complete_done (bsc#1191655).\n- gve: Track RX buffer allocation failures (bsc#1191655).\n- gve: Update gve_free_queue_page_list signature (bsc#1191655).\n- gve: Use kvcalloc() instead of kvzalloc() (bsc#1191655).\n- gve: fix for null pointer dereference (bsc#1191655).\n- gve: fix gve_get_stats() (bsc#1191655).\n- gve: fix the wrong AdminQ buffer queue index check (bsc#1191655).\n- gve: fix unmatched u64_stats_update_end() (bsc#1191655).\n- gve: remove memory barrier around seqno (bsc#1191655).\n- gve: report 64bit tx_bytes counter from gve_handle_report_stats() (bsc#1191655).\n- i40e: Fix changing previously set num_queue_pairs for PFs (bsc#1094978).\n- i40e: Fix correct max_pkt_size on VF RX queue (bsc#1101816 ).\n- i40e: Fix creation of first queue by omitting it if is not power of two (bsc#1101816).\n- i40e: Fix display error code in dmesg (bsc#1109837 bsc#1111981 ).\n- i40e: Fix for displaying message regarding NVM version (jsc#SLE-4797).\n- i40e: Fix freeing of uninitialized misc IRQ vector (bsc#1101816 ).\n- i40e: Fix ping is lost after configuring ADq on VF (bsc#1094978).\n- i40e: Fix pre-set max number of queues for VF (bsc#1111981 ).\n- i40e: Increase delay to 1 s after global EMP reset (bsc#1101816 ).\n- iavf: Fix limit of total number of queues to active queues of VF (bsc#1111981).\n- iavf: prevent accidental free of filter structure (bsc#1111981 ).\n- ibmvnic: Allow queueing resets during probe (bsc#1196516 ltc#196391).\n- ibmvnic: Update driver return codes (bsc#1196516 ltc#196391).\n- ibmvnic: clear fop when retrying probe (bsc#1196516 ltc#196391).\n- ibmvnic: complete init_done on transport events (bsc#1196516 ltc#196391).\n- ibmvnic: define flush_reset_queue helper (bsc#1196516 ltc#196391).\n- ibmvnic: free reset-work-item when flushing (bsc#1196516 ltc#196391).\n- ibmvnic: init init_done_rc earlier (bsc#1196516 ltc#196391).\n- ibmvnic: initialize rc before completing wait (bsc#1196516 ltc#196391).\n- ibmvnic: register netdev after init of adapter (bsc#1196516 ltc#196391).\n- ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).\n- ice: Delete always true check of PF pointer (bsc#1118661 ).\n- ice: ignore dropped packets during init (bsc#1118661 ).\n- igb: Fix removal of unicast MAC filters of VFs (bsc#1117495).\n- ixgbevf: Require large buffers for build_skb on 82599VF (bsc#1101674).\n- kabi: Hide changes to s390/AP structures (jsc#SLE-20809).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n- mqprio: Correct stats in mqprio_dump_class_stats() (bsc#1109837).\n- net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes).\n- net: Prevent infinite while loop in skb_tx_hash() (bsc#1109837).\n- net: ena: Fix error handling when calculating max IO queues number (bsc#1174852).\n- net: ena: Fix undefined state when tx request id is out of bounds (bsc#1174852).\n- net: marvell: mvpp2: Fix the computation of shared CPUs (bsc#1119113).\n- net: phylink: avoid mvneta warning when setting pause parameters (bsc#1119113).\n- net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).\n- nfsd: fix use-after-free due to delegation race (git-fixes).\n- phylib: fix potential use-after-free (bsc#1119113).\n- platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (bsc#1112374).\n- powerpc/64s: Fix debugfs_simple_attr.cocci warnings (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- powerpc/pseries/ddw: Revert \u0027Extend upper limit for huge DMA window for persistent memory\u0027 (bsc#1195995 ltc#196394).\n- powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451).\n- powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- qed: Handle management FW error (git-fixes).\n- qed: rdma - do not wait for resources under hw error recovery flow (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- rndis_host: support Hytera digital radios (git-fixes).\n- s390/AP: support new dynamic AP bus size limit (jsc#SLE-20809).\n- s390/ap: rework crypto config info and default domain code (jsc#SLE-20809).\n- s390/cpumf: Support for CPU Measurement Facility CSVN 7 (bsc#1195080 LTC#196090).\n- s390/cpumf: Support for CPU Measurement Sampling Facility LS bit (bsc#1195080 LTC#196090).\n- s390/hypfs: include z/VM guests with access control group set (bsc#1195638 LTC#196354).\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).\n- scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823).\n- scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).\n- scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).\n- scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).\n- scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823).\n- scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).\n- scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).\n- scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).\n- scsi: qla2xxx: Fix unmap of already freed sgl (bsc#1195823).\n- scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).\n- scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823).\n- scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).\n- scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).\n- scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823).\n- scsi: qla2xxx: Remove a declaration (bsc#1195823).\n- scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823).\n- scsi: qla2xxx: Return -ENOMEM if kzalloc() fails (bsc#1195823).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).\n- scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).\n- scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).\n- scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823).\n- scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).\n- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (bsc#1195377 LTC#196245).\n- sunrpc/auth_gss: support timeout on gss upcalls (bsc#1193857).\n- tracing: Dump stacktrace trigger to the corresponding instance (git-fixes).\n- tracing: Have traceon and traceoff trigger honor the instance (git-fixes).\n- usb: common: ulpi: Fix crash in ulpi_match() (git-fixes).\n- usb: typec: tcpm: Do not disconnect while receiving VBUS off (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-761,SUSE-SLE-RT-12-SP5-2022-761",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0761-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0761-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220761-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0761-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010398.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046306",
        "url": "https://bugzilla.suse.com/1046306"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050244",
        "url": "https://bugzilla.suse.com/1050244"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1089644",
        "url": "https://bugzilla.suse.com/1089644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1094978",
        "url": "https://bugzilla.suse.com/1094978"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097583",
        "url": "https://bugzilla.suse.com/1097583"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097584",
        "url": "https://bugzilla.suse.com/1097584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097585",
        "url": "https://bugzilla.suse.com/1097585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097586",
        "url": "https://bugzilla.suse.com/1097586"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097587",
        "url": "https://bugzilla.suse.com/1097587"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097588",
        "url": "https://bugzilla.suse.com/1097588"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1101674",
        "url": "https://bugzilla.suse.com/1101674"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1101816",
        "url": "https://bugzilla.suse.com/1101816"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103991",
        "url": "https://bugzilla.suse.com/1103991"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109837",
        "url": "https://bugzilla.suse.com/1109837"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111981",
        "url": "https://bugzilla.suse.com/1111981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112374",
        "url": "https://bugzilla.suse.com/1112374"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114648",
        "url": "https://bugzilla.suse.com/1114648"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114685",
        "url": "https://bugzilla.suse.com/1114685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114893",
        "url": "https://bugzilla.suse.com/1114893"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1117495",
        "url": "https://bugzilla.suse.com/1117495"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1118661",
        "url": "https://bugzilla.suse.com/1118661"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1119113",
        "url": "https://bugzilla.suse.com/1119113"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1136460",
        "url": "https://bugzilla.suse.com/1136460"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1136461",
        "url": "https://bugzilla.suse.com/1136461"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157038",
        "url": "https://bugzilla.suse.com/1157038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157923",
        "url": "https://bugzilla.suse.com/1157923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1158533",
        "url": "https://bugzilla.suse.com/1158533"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1174852",
        "url": "https://bugzilla.suse.com/1174852"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1187716",
        "url": "https://bugzilla.suse.com/1187716"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189126",
        "url": "https://bugzilla.suse.com/1189126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191271",
        "url": "https://bugzilla.suse.com/1191271"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191655",
        "url": "https://bugzilla.suse.com/1191655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193857",
        "url": "https://bugzilla.suse.com/1193857"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195080",
        "url": "https://bugzilla.suse.com/1195080"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195377",
        "url": "https://bugzilla.suse.com/1195377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195638",
        "url": "https://bugzilla.suse.com/1195638"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195795",
        "url": "https://bugzilla.suse.com/1195795"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195823",
        "url": "https://bugzilla.suse.com/1195823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195934",
        "url": "https://bugzilla.suse.com/1195934"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195995",
        "url": "https://bugzilla.suse.com/1195995"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196400",
        "url": "https://bugzilla.suse.com/1196400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196516",
        "url": "https://bugzilla.suse.com/1196516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-09T13:27:14Z",
      "generator": {
        "date": "2022-03-09T13:27:14Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0761-1",
      "initial_release_date": "2022-03-09T13:27:14Z",
      "revision_history": [
        {
          "date": "2022-03-09T13:27:14Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-rt-4.12.14-10.81.1.noarch",
                "product": {
                  "name": "kernel-devel-rt-4.12.14-10.81.1.noarch",
                  "product_id": "kernel-devel-rt-4.12.14-10.81.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-4.12.14-10.81.1.noarch",
                "product": {
                  "name": "kernel-source-rt-4.12.14-10.81.1.noarch",
                  "product_id": "kernel-source-rt-4.12.14-10.81.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "cluster-md-kmp-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                  "product_id": "cluster-md-kmp-rt_debug-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "dlm-kmp-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                  "product_id": "dlm-kmp-rt_debug-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "gfs2-kmp-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                  "product_id": "gfs2-kmp-rt_debug-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-base-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt-base-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt-base-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt-devel-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-extra-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt-extra-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt-extra-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kgraft-devel-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt-kgraft-devel-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt-kgraft-devel-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt_debug-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-base-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-base-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt_debug-base-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt_debug-devel-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-extra-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-extra-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt_debug-extra-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-kgraft-devel-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-kgraft-devel-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "kernel-syms-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "kselftests-kmp-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                  "product_id": "kselftests-kmp-rt_debug-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt-4.12.14-10.81.1.x86_64",
                  "product_id": "ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt_debug-4.12.14-10.81.1.x86_64",
                  "product_id": "ocfs2-kmp-rt_debug-4.12.14-10.81.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Real Time 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Real Time 12 SP5",
                  "product_id": "SUSE Linux Enterprise Real Time 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "dlm-kmp-rt-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-4.12.14-10.81.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch"
        },
        "product_reference": "kernel-devel-rt-4.12.14-10.81.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "kernel-rt-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-base-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "kernel-rt-base-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-4.12.14-10.81.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch"
        },
        "product_reference": "kernel-source-rt-4.12.14-10.81.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-4.12.14-10.81.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-4.12.14-10.81.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.81.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.81.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.81.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T13:27:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.\n\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).\n- CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516).\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n\nThe following non-security bugs were fixed:\n\n- btrfs: check for missing device in btrfs_trim_fs (bsc#1195701).\n- gve: Add RX context (jsc#SLE-23652).\n- gve: Add a jumbo-frame device option (jsc#SLE-23652).\n- gve: Add consumed counts to ethtool stats (jsc#SLE-23652).\n- gve: Add optional metadata descriptor type GVE_TXD_MTD (jsc#SLE-23652).\n- gve: Correct order of processing device options (jsc#SLE-23652).\n- gve: Fix GFP flags when allocing pages (jsc#SLE-23652).\n- gve: Implement packet continuation for RX (jsc#SLE-23652).\n- gve: Implement suspend/resume/shutdown (jsc#SLE-23652).\n- gve: Move the irq db indexes out of the ntfy block struct (jsc#SLE-23652).\n- gve: Recording rx queue before sending to napi (jsc#SLE-23652).\n- gve: Update gve_free_queue_page_list signature (jsc#SLE-23652).\n- gve: Use kvcalloc() instead of kvzalloc() (jsc#SLE-23652).\n- gve: fix for null pointer dereference (jsc#SLE-23652).\n- gve: fix the wrong AdminQ buffer queue index check (jsc#SLE-23652).\n- gve: fix unmatched u64_stats_update_end() (jsc#SLE-23652).\n- gve: remove memory barrier around seqno (jsc#SLE-23652).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n- net: tipc: validate domain record count on input (bsc#1195254).\n- nfsd: allow delegation state ids to be revoked and then freed (bsc#1192483).\n- nfsd: allow lock state ids to be revoked and then freed (bsc#1192483).\n- nfsd: allow open state ids to be revoked and then freed (bsc#1192483).\n- nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483).\n- nfsd: prepare for supporting admin-revocation of state (bsc#1192483).\n- powerpc/pseries/ddw: Revert \u0027Extend upper limit for huge DMA window for persistent memory\u0027 (bsc#1195995 ltc#196394).\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).\n- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-759,SUSE-SLE-Module-Live-Patching-15-SP2-2022-759,SUSE-SLE-Product-HA-15-SP2-2022-759,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-759,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-759,SUSE-SLE-Product-RT-15-SP2-2022-759,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-759,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-759,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-759,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-759,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-759,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-759,SUSE-SUSE-MicroOS-5.0-2022-759,SUSE-Storage-7-2022-759",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0759-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0759-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220759-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0759-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010392.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189126",
        "url": "https://bugzilla.suse.com/1189126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192483",
        "url": "https://bugzilla.suse.com/1192483"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195254",
        "url": "https://bugzilla.suse.com/1195254"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195286",
        "url": "https://bugzilla.suse.com/1195286"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195516",
        "url": "https://bugzilla.suse.com/1195516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195701",
        "url": "https://bugzilla.suse.com/1195701"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195905",
        "url": "https://bugzilla.suse.com/1195905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195947",
        "url": "https://bugzilla.suse.com/1195947"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195995",
        "url": "https://bugzilla.suse.com/1195995"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196132",
        "url": "https://bugzilla.suse.com/1196132"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196235",
        "url": "https://bugzilla.suse.com/1196235"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196601",
        "url": "https://bugzilla.suse.com/1196601"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196776",
        "url": "https://bugzilla.suse.com/1196776"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0516 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0516/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25375 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25375/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-08T18:06:15Z",
      "generator": {
        "date": "2022-03-08T18:06:15Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0759-1",
      "initial_release_date": "2022-03-08T18:06:15Z",
      "revision_history": [
        {
          "date": "2022-03-08T18:06:15Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
                  "product_id": "cluster-md-kmp-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "cluster-md-kmp-preempt-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-24.107.1.aarch64",
                  "product_id": "dlm-kmp-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "dlm-kmp-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "dlm-kmp-preempt-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-24.107.1.aarch64",
                  "product_id": "gfs2-kmp-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "gfs2-kmp-preempt-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-default-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
                "product": {
                  "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
                  "product_id": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.aarch64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.aarch64",
                  "product_id": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-default-devel-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-default-extra-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-default-livepatch-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-obs-build-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-obs-qa-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-preempt-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-devel-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-preempt-devel-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-preempt-devel-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-extra-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-preempt-extra-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-preempt-extra-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-livepatch-devel-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-preempt-livepatch-devel-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-preempt-livepatch-devel-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kernel-syms-5.3.18-24.107.1.aarch64",
                  "product_id": "kernel-syms-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-24.107.1.aarch64",
                  "product_id": "kselftests-kmp-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "kselftests-kmp-preempt-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
                  "product_id": "ocfs2-kmp-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "ocfs2-kmp-preempt-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
                  "product_id": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-preempt-5.3.18-24.107.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-preempt-5.3.18-24.107.1.aarch64",
                  "product_id": "reiserfs-kmp-preempt-5.3.18-24.107.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-5.3.18-24.107.1.noarch",
                "product": {
                  "name": "kernel-devel-5.3.18-24.107.1.noarch",
                  "product_id": "kernel-devel-5.3.18-24.107.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-5.3.18-24.107.1.noarch",
                "product": {
                  "name": "kernel-docs-5.3.18-24.107.1.noarch",
                  "product_id": "kernel-docs-5.3.18-24.107.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-5.3.18-24.107.1.noarch",
                "product": {
                  "name": "kernel-docs-html-5.3.18-24.107.1.noarch",
                  "product_id": "kernel-docs-html-5.3.18-24.107.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-5.3.18-24.107.1.noarch",
                "product": {
                  "name": "kernel-macros-5.3.18-24.107.1.noarch",
                  "product_id": "kernel-macros-5.3.18-24.107.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-5.3.18-24.107.1.noarch",
                "product": {
                  "name": "kernel-source-5.3.18-24.107.1.noarch",
                  "product_id": "kernel-source-5.3.18-24.107.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-5.3.18-24.107.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-5.3.18-24.107.1.noarch",
                  "product_id": "kernel-source-vanilla-5.3.18-24.107.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "dlm-kmp-default-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "gfs2-kmp-default-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-debug-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-debug-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-debug-devel-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-debug-livepatch-devel-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-default-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
                "product": {
                  "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
                  "product_id": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.ppc64le",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.ppc64le",
                  "product_id": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-default-devel-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-default-extra-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-default-livepatch-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-kvmsmall-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-kvmsmall-devel-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
                  "product_id": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-obs-build-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-obs-qa-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kernel-syms-5.3.18-24.107.1.ppc64le",
                  "product_id": "kernel-syms-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "kselftests-kmp-default-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-5.3.18-24.107.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
                  "product_id": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-24.107.1.s390x",
                  "product_id": "cluster-md-kmp-default-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-24.107.1.s390x",
                  "product_id": "dlm-kmp-default-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-24.107.1.s390x",
                  "product_id": "gfs2-kmp-default-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-default-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-default-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
                "product": {
                  "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
                  "product_id": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.s390x",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.s390x",
                  "product_id": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-default-devel-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-default-devel-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-default-extra-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-default-extra-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-default-livepatch-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
                "product": {
                  "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
                  "product_id": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-obs-build-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-obs-build-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-obs-qa-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-syms-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-syms-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-5.3.18-24.107.1.s390x",
                  "product_id": "kernel-zfcpdump-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-24.107.1.s390x",
                  "product_id": "kselftests-kmp-default-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-24.107.1.s390x",
                  "product_id": "ocfs2-kmp-default-5.3.18-24.107.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-24.107.1.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-24.107.1.s390x",
                  "product_id": "reiserfs-kmp-default-5.3.18-24.107.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
                  "product_id": "cluster-md-kmp-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "cluster-md-kmp-preempt-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-24.107.1.x86_64",
                  "product_id": "dlm-kmp-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "dlm-kmp-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "dlm-kmp-preempt-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-24.107.1.x86_64",
                  "product_id": "gfs2-kmp-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "gfs2-kmp-preempt-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-debug-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-debug-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-debug-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-debug-livepatch-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-default-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
                "product": {
                  "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
                  "product_id": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.x86_64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.x86_64",
                  "product_id": "kernel-default-base-rebuild-5.3.18-24.107.1.9.50.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-default-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-default-extra-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-default-livepatch-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-kvmsmall-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-24_107-preempt-1-5.5.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-24_107-preempt-1-5.5.1.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-24_107-preempt-1-5.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-obs-build-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-obs-qa-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-preempt-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-preempt-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-extra-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-preempt-extra-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-preempt-extra-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-livepatch-devel-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-preempt-livepatch-devel-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-preempt-livepatch-devel-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kernel-syms-5.3.18-24.107.1.x86_64",
                  "product_id": "kernel-syms-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-24.107.1.x86_64",
                  "product_id": "kselftests-kmp-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "kselftests-kmp-preempt-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
                  "product_id": "ocfs2-kmp-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "ocfs2-kmp-preempt-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
                  "product_id": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-preempt-5.3.18-24.107.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-preempt-5.3.18-24.107.1.x86_64",
                  "product_id": "reiserfs-kmp-preempt-5.3.18-24.107.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP2",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 15 SP2",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Real Time 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Real Time 15 SP2",
                  "product_id": "SUSE Linux Enterprise Real Time 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_rt:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP2-BCL",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP2-BCL",
                  "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_bcl:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Proxy 4.1",
                "product": {
                  "name": "SUSE Manager Proxy 4.1",
                  "product_id": "SUSE Manager Proxy 4.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Retail Branch Server 4.1",
                "product": {
                  "name": "SUSE Manager Retail Branch Server 4.1",
                  "product_id": "SUSE Manager Retail Branch Server 4.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server 4.1",
                "product": {
                  "name": "SUSE Manager Server 4.1",
                  "product_id": "SUSE Manager Server 4.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-server:4.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.0",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.0",
                  "product_id": "SUSE Linux Enterprise Micro 5.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7",
                "product": {
                  "name": "SUSE Enterprise Storage 7",
                  "product_id": "SUSE Enterprise Storage 7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x"
        },
        "product_reference": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64"
        },
        "product_reference": "kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "dlm-kmp-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Manager Proxy 4.1",
          "product_id": "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
          "product_id": "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.ppc64le as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.s390x as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.ppc64le as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.s390x as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.ppc64le as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.s390x as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.ppc64le as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.s390x as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.s390x as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Manager Server 4.1",
          "product_id": "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.aarch64 as component of SUSE Linux Enterprise Micro 5.0",
          "product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
          "product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64 as component of SUSE Linux Enterprise Micro 5.0",
          "product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
          "product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-24.107.1.noarch as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-24.107.1.noarch as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-24.107.1.noarch as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-24.107.1.noarch as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch"
        },
        "product_reference": "kernel-source-5.3.18-24.107.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64 as component of SUSE Enterprise Storage 7",
          "product_id": "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0516",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0516"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0516",
          "url": "https://www.suse.com/security/cve/CVE-2022-0516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195516 for CVE-2022-0516",
          "url": "https://bugzilla.suse.com/1195516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195947 for CVE-2022-0516",
          "url": "https://bugzilla.suse.com/1195947"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0516"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
          "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
          "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25375",
          "url": "https://www.suse.com/security/cve/CVE-2022-25375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196235 for CVE-2022-25375",
          "url": "https://bugzilla.suse.com/1196235"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_107-default-1-5.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Real Time 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-BCL:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Proxy 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Proxy 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Proxy 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Retail Branch Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Retail Branch Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.s390x",
            "SUSE Manager Server 4.1:kernel-default-base-5.3.18-24.107.1.9.50.2.x86_64",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-default-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-devel-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-docs-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-macros-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-obs-build-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-preempt-devel-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:kernel-source-5.3.18-24.107.1.noarch",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:kernel-syms-5.3.18-24.107.1.x86_64",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.ppc64le",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.s390x",
            "SUSE Manager Server 4.1:reiserfs-kmp-default-5.3.18-24.107.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-08T18:06:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-25375"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.\n\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bsc#1193867).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n\nThe following non-security bugs were fixed:\n\n- Bluetooth: bfusb: fix division by zero in send path (git-fixes).\n- Bluetooth: fix the erroneous flush_work() order (git-fixes).\n- EDAC/xgene: Fix deferred probing (bsc#1114648).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (bsc#1114685).\n- NFSv4.x: by default serialize open/close operations (bsc#1114893 bsc#1195934). Make this work-around optional\n- NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).\n- NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).\n- NFSv4: Handle case where the lookup of a directory fails (git-fixes).\n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes).\n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (git-fixes).\n- RDMA/bnxt_re: Fix query SRQ failure (bsc#1050244).\n- RDMA/mlx5: Set user priority for DCT (bsc#1103991).\n- RDMA/netlink: Add __maybe_unused to static inline in C file (bsc#1046306).\n- Replace with an alternative fix for bsc#1185377\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- cxgb4: fix eeprom len when diagnostics not implemented (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n- e1000e: Fix packet loss on Tiger Lake and later (bsc#1158533).\n- ext4: avoid trim error on fs with small groups (bsc#1191271).\n- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1195795).\n- gve: Add RX context (bsc#1191655).\n- gve: Add a jumbo-frame device option (bsc#1191655).\n- gve: Add consumed counts to ethtool stats (bsc#1191655).\n- gve: Add netif_set_xps_queue call (bsc#1191655).\n- gve: Add optional metadata descriptor type GVE_TXD_MTD (bsc#1191655).\n- gve: Add rx buffer pagecnt bias (bsc#1191655).\n- gve: Allow pageflips on larger pages (bsc#1191655).\n- gve: Avoid freeing NULL pointer (bsc#1191655).\n- gve: Correct available tx qpl check (bsc#1191655).\n- gve: Correct order of processing device options (bsc#1191655).\n- gve: DQO: avoid unused variable warnings (bsc#1191655).\n- gve: Do lazy cleanup in TX path (bsc#1191655).\n- gve: Fix GFP flags when allocing pages (bsc#1191655).\n- gve: Implement packet continuation for RX (bsc#1191655).\n- gve: Implement suspend/resume/shutdown (bsc#1191655).\n- gve: Move the irq db indexes out of the ntfy block struct (bsc#1191655).\n- gve: Properly handle errors in gve_assign_qpl (bsc#1191655).\n- gve: Recording rx queue before sending to napi (bsc#1191655).\n- gve: Switch to use napi_complete_done (bsc#1191655).\n- gve: Track RX buffer allocation failures (bsc#1191655).\n- gve: Update gve_free_queue_page_list signature (bsc#1191655).\n- gve: Use kvcalloc() instead of kvzalloc() (bsc#1191655).\n- gve: fix for null pointer dereference (bsc#1191655).\n- gve: fix gve_get_stats() (bsc#1191655).\n- gve: fix the wrong AdminQ buffer queue index check (bsc#1191655).\n- gve: fix unmatched u64_stats_update_end() (bsc#1191655).\n- gve: remove memory barrier around seqno (bsc#1191655).\n- gve: report 64bit tx_bytes counter from gve_handle_report_stats() (bsc#1191655).\n- i40e: Fix changing previously set num_queue_pairs for PFs (bsc#1094978).\n- i40e: Fix correct max_pkt_size on VF RX queue (bsc#1101816 ).\n- i40e: Fix creation of first queue by omitting it if is not power of two (bsc#1101816).\n- i40e: Fix display error code in dmesg (bsc#1109837 bsc#1111981 ).\n- i40e: Fix for displaying message regarding NVM version (jsc#SLE-4797).\n- i40e: Fix freeing of uninitialized misc IRQ vector (bsc#1101816 ).\n- i40e: Fix ping is lost after configuring ADq on VF (bsc#1094978).\n- i40e: Fix pre-set max number of queues for VF (bsc#1111981 ).\n- i40e: Increase delay to 1 s after global EMP reset (bsc#1101816 ).\n- iavf: Fix limit of total number of queues to active queues of VF (bsc#1111981).\n- iavf: prevent accidental free of filter structure (bsc#1111981 ).\n- ibmvnic: Allow queueing resets during probe (bsc#1196516 ltc#196391).\n- ibmvnic: Update driver return codes (bsc#1196516 ltc#196391).\n- ibmvnic: clear fop when retrying probe (bsc#1196516 ltc#196391).\n- ibmvnic: complete init_done on transport events (bsc#1196516 ltc#196391).\n- ibmvnic: define flush_reset_queue helper (bsc#1196516 ltc#196391).\n- ibmvnic: free reset-work-item when flushing (bsc#1196516 ltc#196391).\n- ibmvnic: init init_done_rc earlier (bsc#1196516 ltc#196391).\n- ibmvnic: initialize rc before completing wait (bsc#1196516 ltc#196391).\n- ibmvnic: register netdev after init of adapter (bsc#1196516 ltc#196391).\n- ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).\n- ice: Delete always true check of PF pointer (bsc#1118661 ).\n- ice: ignore dropped packets during init (bsc#1118661 ).\n- igb: Fix removal of unicast MAC filters of VFs (bsc#1117495).\n- ixgbevf: Require large buffers for build_skb on 82599VF (bsc#1101674).\n- kabi: Hide changes to s390/AP structures (jsc#SLE-20809).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n- mqprio: Correct stats in mqprio_dump_class_stats() (bsc#1109837).\n- net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes).\n- net: Prevent infinite while loop in skb_tx_hash() (bsc#1109837).\n- net: ena: Fix error handling when calculating max IO queues number (bsc#1174852).\n- net: ena: Fix undefined state when tx request id is out of bounds (bsc#1174852).\n- net: marvell: mvpp2: Fix the computation of shared CPUs (bsc#1119113).\n- net: phylink: avoid mvneta warning when setting pause parameters (bsc#1119113).\n- net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).\n- nfsd: fix use-after-free due to delegation race (git-fixes).\n- phylib: fix potential use-after-free (bsc#1119113).\n- platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (bsc#1112374).\n- powerpc/64s: Fix debugfs_simple_attr.cocci warnings (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- powerpc/pseries/ddw: Revert \u0027Extend upper limit for huge DMA window for persistent memory\u0027 (bsc#1195995 ltc#196394).\n- powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451).\n- powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- qed: Handle management FW error (git-fixes).\n- qed: rdma - do not wait for resources under hw error recovery flow (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- rndis_host: support Hytera digital radios (git-fixes).\n- s390/AP: support new dynamic AP bus size limit (jsc#SLE-20809).\n- s390/ap: rework crypto config info and default domain code (jsc#SLE-20809).\n- s390/cpumf: Support for CPU Measurement Facility CSVN 7 (bsc#1195080 LTC#196090).\n- s390/cpumf: Support for CPU Measurement Sampling Facility LS bit (bsc#1195080 LTC#196090).\n- s390/hypfs: include z/VM guests with access control group set (bsc#1195638 LTC#196354).\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).\n- scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823).\n- scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).\n- scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).\n- scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).\n- scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823).\n- scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).\n- scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).\n- scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).\n- scsi: qla2xxx: Fix unmap of already freed sgl (bsc#1195823).\n- scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).\n- scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823).\n- scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).\n- scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).\n- scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823).\n- scsi: qla2xxx: Remove a declaration (bsc#1195823).\n- scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823).\n- scsi: qla2xxx: Return -ENOMEM if kzalloc() fails (bsc#1195823).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).\n- scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).\n- scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).\n- scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823).\n- scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).\n- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (bsc#1195377 LTC#196245).\n- sunrpc/auth_gss: support timeout on gss upcalls (bsc#1193857).\n- tracing: Dump stacktrace trigger to the corresponding instance (git-fixes).\n- tracing: Have traceon and traceoff trigger honor the instance (git-fixes).\n- usb: common: ulpi: Fix crash in ulpi_match() (git-fixes).\n- usb: typec: tcpm: Do not disconnect while receiving VBUS off (git-fixes).\n- xfrm: fix MTU regression (bsc#1185377, bsc#1194048).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-765,SUSE-SLE-SERVER-12-SP5-2022-765",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0765-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0765-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220765-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0765-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010400.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046306",
        "url": "https://bugzilla.suse.com/1046306"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050244",
        "url": "https://bugzilla.suse.com/1050244"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1089644",
        "url": "https://bugzilla.suse.com/1089644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1094978",
        "url": "https://bugzilla.suse.com/1094978"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097583",
        "url": "https://bugzilla.suse.com/1097583"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097584",
        "url": "https://bugzilla.suse.com/1097584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097585",
        "url": "https://bugzilla.suse.com/1097585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097586",
        "url": "https://bugzilla.suse.com/1097586"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097587",
        "url": "https://bugzilla.suse.com/1097587"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097588",
        "url": "https://bugzilla.suse.com/1097588"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1101674",
        "url": "https://bugzilla.suse.com/1101674"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1101816",
        "url": "https://bugzilla.suse.com/1101816"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103991",
        "url": "https://bugzilla.suse.com/1103991"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109837",
        "url": "https://bugzilla.suse.com/1109837"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111981",
        "url": "https://bugzilla.suse.com/1111981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112374",
        "url": "https://bugzilla.suse.com/1112374"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114648",
        "url": "https://bugzilla.suse.com/1114648"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114685",
        "url": "https://bugzilla.suse.com/1114685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114893",
        "url": "https://bugzilla.suse.com/1114893"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1117495",
        "url": "https://bugzilla.suse.com/1117495"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1118661",
        "url": "https://bugzilla.suse.com/1118661"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1119113",
        "url": "https://bugzilla.suse.com/1119113"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1136460",
        "url": "https://bugzilla.suse.com/1136460"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1136461",
        "url": "https://bugzilla.suse.com/1136461"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157038",
        "url": "https://bugzilla.suse.com/1157038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157923",
        "url": "https://bugzilla.suse.com/1157923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1158533",
        "url": "https://bugzilla.suse.com/1158533"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1174852",
        "url": "https://bugzilla.suse.com/1174852"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185377",
        "url": "https://bugzilla.suse.com/1185377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1187716",
        "url": "https://bugzilla.suse.com/1187716"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189126",
        "url": "https://bugzilla.suse.com/1189126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191271",
        "url": "https://bugzilla.suse.com/1191271"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191655",
        "url": "https://bugzilla.suse.com/1191655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193857",
        "url": "https://bugzilla.suse.com/1193857"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193867",
        "url": "https://bugzilla.suse.com/1193867"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194048",
        "url": "https://bugzilla.suse.com/1194048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195080",
        "url": "https://bugzilla.suse.com/1195080"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195377",
        "url": "https://bugzilla.suse.com/1195377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195638",
        "url": "https://bugzilla.suse.com/1195638"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195795",
        "url": "https://bugzilla.suse.com/1195795"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195823",
        "url": "https://bugzilla.suse.com/1195823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195934",
        "url": "https://bugzilla.suse.com/1195934"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195995",
        "url": "https://bugzilla.suse.com/1195995"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196400",
        "url": "https://bugzilla.suse.com/1196400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196516",
        "url": "https://bugzilla.suse.com/1196516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45095 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45095/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-04-07T08:11:35Z",
      "generator": {
        "date": "2022-04-07T08:11:35Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0765-1",
      "initial_release_date": "2022-04-07T08:11:35Z",
      "revision_history": [
        {
          "date": "2022-04-07T08:11:35Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-azure-4.12.14-16.91.1.noarch",
                "product": {
                  "name": "kernel-devel-azure-4.12.14-16.91.1.noarch",
                  "product_id": "kernel-devel-azure-4.12.14-16.91.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-azure-4.12.14-16.91.1.noarch",
                "product": {
                  "name": "kernel-source-azure-4.12.14-16.91.1.noarch",
                  "product_id": "kernel-source-azure-4.12.14-16.91.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "cluster-md-kmp-azure-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "dlm-kmp-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "dlm-kmp-azure-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "gfs2-kmp-azure-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kernel-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "kernel-azure-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-base-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kernel-azure-base-4.12.14-16.91.1.x86_64",
                  "product_id": "kernel-azure-base-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-devel-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kernel-azure-devel-4.12.14-16.91.1.x86_64",
                  "product_id": "kernel-azure-devel-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-extra-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kernel-azure-extra-4.12.14-16.91.1.x86_64",
                  "product_id": "kernel-azure-extra-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-kgraft-devel-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kernel-azure-kgraft-devel-4.12.14-16.91.1.x86_64",
                  "product_id": "kernel-azure-kgraft-devel-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kernel-syms-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "kernel-syms-azure-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "kselftests-kmp-azure-4.12.14-16.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-azure-4.12.14-16.91.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-azure-4.12.14-16.91.1.x86_64",
                  "product_id": "ocfs2-kmp-azure-4.12.14-16.91.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-azure-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-base-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-azure-base-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-azure-devel-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-azure-4.12.14-16.91.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch"
        },
        "product_reference": "kernel-devel-azure-4.12.14-16.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-azure-4.12.14-16.91.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch"
        },
        "product_reference": "kernel-source-azure-4.12.14-16.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-syms-azure-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-azure-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-base-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-azure-base-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-azure-devel-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-azure-4.12.14-16.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch"
        },
        "product_reference": "kernel-devel-azure-4.12.14-16.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-azure-4.12.14-16.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch"
        },
        "product_reference": "kernel-source-azure-4.12.14-16.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-4.12.14-16.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        },
        "product_reference": "kernel-syms-azure-4.12.14-16.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45095",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45095"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45095",
          "url": "https://www.suse.com/security/cve/CVE-2021-45095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193867 for CVE-2021-45095",
          "url": "https://bugzilla.suse.com/1193867"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45095"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.91.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-07T08:11:35Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n\nThe following non-security bugs were fixed:\n\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).\n- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-766,SUSE-SLE-Module-Live-Patching-15-2022-766,SUSE-SLE-Product-HA-15-2022-766,SUSE-SLE-Product-HPC-15-2022-766,SUSE-SLE-Product-SLES-15-2022-766,SUSE-SLE-Product-SLES_SAP-15-2022-766",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0766-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0766-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220766-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0766-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010394.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1107207",
        "url": "https://bugzilla.suse.com/1107207"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-09T10:36:15Z",
      "generator": {
        "date": "2022-03-09T10:36:15Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0766-1",
      "initial_release_date": "2022-03-09T10:36:15Z",
      "revision_history": [
        {
          "date": "2022-03-09T10:36:15Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
                  "product_id": "cluster-md-kmp-default-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-150.86.1.aarch64",
                  "product_id": "dlm-kmp-default-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-150.86.1.aarch64",
                  "product_id": "gfs2-kmp-default-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-default-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-default-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-default-base-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-default-base-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-default-devel-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-default-extra-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-default-livepatch-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-obs-build-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-obs-qa-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-syms-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-syms-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-vanilla-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-vanilla-base-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-vanilla-devel-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.aarch64",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-150.86.1.aarch64",
                  "product_id": "kselftests-kmp-default-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
                  "product_id": "ocfs2-kmp-default-4.12.14-150.86.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
                  "product_id": "reiserfs-kmp-default-4.12.14-150.86.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-4.12.14-150.86.1.noarch",
                "product": {
                  "name": "kernel-devel-4.12.14-150.86.1.noarch",
                  "product_id": "kernel-devel-4.12.14-150.86.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-4.12.14-150.86.1.noarch",
                "product": {
                  "name": "kernel-docs-4.12.14-150.86.1.noarch",
                  "product_id": "kernel-docs-4.12.14-150.86.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-4.12.14-150.86.1.noarch",
                "product": {
                  "name": "kernel-docs-html-4.12.14-150.86.1.noarch",
                  "product_id": "kernel-docs-html-4.12.14-150.86.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-4.12.14-150.86.1.noarch",
                "product": {
                  "name": "kernel-macros-4.12.14-150.86.1.noarch",
                  "product_id": "kernel-macros-4.12.14-150.86.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-4.12.14-150.86.1.noarch",
                "product": {
                  "name": "kernel-source-4.12.14-150.86.1.noarch",
                  "product_id": "kernel-source-4.12.14-150.86.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-4.12.14-150.86.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-4.12.14-150.86.1.noarch",
                  "product_id": "kernel-source-vanilla-4.12.14-150.86.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "dlm-kmp-default-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "gfs2-kmp-default-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-debug-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-debug-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-debug-base-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-debug-base-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-debug-devel-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-debug-livepatch-devel-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-debug-livepatch-devel-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-default-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-default-base-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-default-base-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-default-devel-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-default-extra-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-default-livepatch-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
                  "product_id": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-obs-build-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-obs-qa-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-syms-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-syms-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-vanilla-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-vanilla-devel-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.ppc64le",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "kselftests-kmp-default-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-4.12.14-150.86.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
                  "product_id": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-150.86.1.s390x",
                  "product_id": "cluster-md-kmp-default-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-150.86.1.s390x",
                  "product_id": "dlm-kmp-default-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-150.86.1.s390x",
                  "product_id": "gfs2-kmp-default-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-base-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-base-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-devel-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-devel-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-extra-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-extra-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-livepatch-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-default-man-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-default-man-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-obs-build-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-obs-build-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-obs-qa-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-syms-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-syms-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-vanilla-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-vanilla-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-vanilla-base-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-vanilla-devel-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-zfcpdump-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-man-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-man-4.12.14-150.86.1.s390x",
                  "product_id": "kernel-zfcpdump-man-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-150.86.1.s390x",
                  "product_id": "kselftests-kmp-default-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-150.86.1.s390x",
                  "product_id": "ocfs2-kmp-default-4.12.14-150.86.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-150.86.1.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-150.86.1.s390x",
                  "product_id": "reiserfs-kmp-default-4.12.14-150.86.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
                  "product_id": "cluster-md-kmp-default-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-150.86.1.x86_64",
                  "product_id": "dlm-kmp-default-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-150.86.1.x86_64",
                  "product_id": "gfs2-kmp-default-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-debug-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-debug-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-debug-base-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-debug-base-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-debug-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-debug-livepatch-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-debug-livepatch-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-default-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-default-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-default-base-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-default-base-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-default-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-default-extra-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-default-livepatch-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-default-livepatch-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-kvmsmall-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-base-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-base-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-kvmsmall-base-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
                  "product_id": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-obs-build-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-obs-qa-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-syms-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-syms-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-vanilla-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-vanilla-base-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-vanilla-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.x86_64",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-150.86.1.x86_64",
                  "product_id": "kselftests-kmp-default-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
                  "product_id": "ocfs2-kmp-default-4.12.14-150.86.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
                  "product_id": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15",
                  "product_id": "SUSE Linux Enterprise Live Patching 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 15",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 15",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
          "product_id": "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
          "product_id": "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
          "product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
          "product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64"
        },
        "product_reference": "kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x"
        },
        "product_reference": "dlm-kmp-default-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-150.86.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-150.86.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-150.86.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-150.86.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-150.86.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
          "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-ESPOS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_86-default-1-1.3.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-default-man-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.aarch64",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.s390x",
            "SUSE Linux Enterprise Server 15-LTSS:reiserfs-kmp-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-default-devel-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-devel-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-docs-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-macros-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-obs-build-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-source-4.12.14-150.86.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-syms-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:kernel-vanilla-base-4.12.14-150.86.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15:reiserfs-kmp-default-4.12.14-150.86.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:36:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).\n- CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864).\n- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from heap memory via crafted frame lengths from a device (bsc#1196836).\n- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)\n- CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130).\n- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488)\n\nThe following non-security bugs were fixed:\n\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- EDAC/altera: Fix deferred probing (bsc#1178134).\n- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134).\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- Hand over the maintainership to SLE15-SP3 maintainers\n- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).\n- IB/hfi1: Fix early init panic (git-fixes).\n- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).\n- IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).\n- RDMA/bnxt_re: Scan the whole bitmap when checking if \u0027disabling RCFW with pending cmd-bit\u0027 (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147).\n- RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes).\n- RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes).\n- RDMA/core: Do not infoleak GRH fields (git-fixes).\n- RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes).\n- RDMA/cxgb4: Set queue pair state when being queried (git-fixes).\n- RDMA/hns: Validate the pkey index (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).\n- RDMA/rxe: Fix a typo in opcode name (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).\n- RDMA/uverbs: Remove the unnecessary assignment (git-fixes).\n- Revert \u0027USB: serial: ch341: add new Product ID for CH341A\u0027 (git-fixes).\n- SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).\n- USB: gadget: validate endpoint index for xilinx udc (git-fixes).\n- USB: gadget: validate interface OS descriptor requests (git-fixes).\n- USB: hub: Clean up use of port initialization schemes and retries (git-fixes).\n- USB: serial: option: add Telit LE910R1 compositions (git-fixes).\n- USB: serial: option: add support for DW5829e (git-fixes).\n- USB: zaurus: support another broken Zaurus (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- asix: fix uninit-value in asix_mdio_read() (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787).\n- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- build initrd without systemd This reduces the size of the initrd by over 25%, which improves startup time of the virtual machine by 0.5-0.6s on very fast machines, more on slower ones.\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- constraints: Also adjust disk requirement for x86 and s390.\n- constraints: Increase disk space for aarch64\n- cpufreq: schedutil: Use kobject release() method to free (git-fixes)\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278).\n- dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).\n- drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).\n- drm/i915: Nuke not needed members of dram_info (bsc#1195211).\n- drm/i915: Remove memory frequency calculation (bsc#1195211).\n- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).\n- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).\n- exfat: fix incorrect loading of i_blocks for large files (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- fix rpm build warning tumbleweed rpm is adding these warnings to the log: It\u0027s not recommended to have unversioned Obsoletes: Obsoletes:   microcode_ctl\n- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).\n- gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gpio: ts4900: Do not set DAT and OE together (git-fixes).\n- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).\n- gtp: remove useless rcu_read_lock() (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- iavf: Fix missing check for running netdev (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (jsc#SLE-12878).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP \u0026 AIN_BUFM bits (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr directory (bsc#1195051).\n- kernel-binary.spec: Also exclude the kernel signing key from devel package. There is a check in OBS that fails when it is included. Also the key is not reproducible. Fixes: bb988d4625a3 (\u0027kernel-binary: Do not include sourcedir in certificate path.\u0027)\n- kernel-binary.spec: Do not use the default certificate path (bsc#1194943). Using the the default path is broken since Linux 5.17\n- kernel-binary: Do not include sourcedir in certificate path. The certs macro runs before build directory is set up so it creates the aggregate of supplied certificates in the source directory. Using this file directly as the certificate in kernel config works but embeds the source directory path in the kernel config. To avoid this symlink the certificate to the build directory and use relative path to refer to it. Also fabricate a certificate in the same location in build directory when none is provided.\n- kernel-obs-build: include 9p (boo#1195353) To be able to share files between host and the qemu vm of the build script, the 9p and 9p_virtio kernel modules need to be included in the initrd of kernel-obs-build.\n- mac80211: fix forwarded mesh frames AC \u0026 queue selection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mask out added spinlock in rndis_params (git-fixes).\n- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5e: Fix modify header actions memory leak (git-fixes).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172).\n- net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172).\n- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes).\n- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes).\n- net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).\n- net: sfc: Replace in_interrupt() usage (git-fixes).\n- net: tipc: validate domain record count on input (bsc#1195254).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447).\n- netsec: ignore \u0027phy-mode\u0027 device property on ACPI systems (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). Update config files.\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449).\n- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).\n- powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278).\n- rpm/*.spec.in: Use https:// urls\n- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.\n- rpm/check-for-config-changes: Ignore PAHOLE_VERSION.\n- rpm/kernel-docs.spec.in: use %%license for license declarations Limited to SLE15+ to avoid compatibility nightmares.\n- rpm/kernel-source.spec.in: call fdupes per subpackage It is a waste of time to do a global fdupes when we have subpackages.\n- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.\n- sched/core: Mitigate race (git-fixes)\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: smartpqi: Add PCI IDs (bsc#1196627).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).\n- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).\n- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).\n- usb: dwc2: use well defined macros for power_down (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- usb: host: xen-hcd: add missing unlock in error path (git-fixes).\n- usb: hub: Fix locking issues with address0_mutex (git-fixes).\n- usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).\n- vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes).\n- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1039,SUSE-SLE-Module-Basesystem-15-SP3-2022-1039,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1039,SUSE-SLE-Module-Legacy-15-SP3-2022-1039,SUSE-SLE-Module-Live-Patching-15-SP3-2022-1039,SUSE-SLE-Product-HA-15-SP3-2022-1039,SUSE-SLE-Product-WE-15-SP3-2022-1039,SUSE-SUSE-MicroOS-5.1-2022-1039",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1039-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1039-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221039-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1039-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010566.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176447",
        "url": "https://bugzilla.suse.com/1176447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176774",
        "url": "https://bugzilla.suse.com/1176774"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1178134",
        "url": "https://bugzilla.suse.com/1178134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181147",
        "url": "https://bugzilla.suse.com/1181147"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191428",
        "url": "https://bugzilla.suse.com/1191428"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192273",
        "url": "https://bugzilla.suse.com/1192273"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193731",
        "url": "https://bugzilla.suse.com/1193731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193864",
        "url": "https://bugzilla.suse.com/1193864"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194463",
        "url": "https://bugzilla.suse.com/1194463"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194943",
        "url": "https://bugzilla.suse.com/1194943"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195051",
        "url": "https://bugzilla.suse.com/1195051"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195211",
        "url": "https://bugzilla.suse.com/1195211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195254",
        "url": "https://bugzilla.suse.com/1195254"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195353",
        "url": "https://bugzilla.suse.com/1195353"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195403",
        "url": "https://bugzilla.suse.com/1195403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195905",
        "url": "https://bugzilla.suse.com/1195905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195939",
        "url": "https://bugzilla.suse.com/1195939"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196130",
        "url": "https://bugzilla.suse.com/1196130"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196132",
        "url": "https://bugzilla.suse.com/1196132"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196299",
        "url": "https://bugzilla.suse.com/1196299"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196301",
        "url": "https://bugzilla.suse.com/1196301"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196433",
        "url": "https://bugzilla.suse.com/1196433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196468",
        "url": "https://bugzilla.suse.com/1196468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196472",
        "url": "https://bugzilla.suse.com/1196472"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196488",
        "url": "https://bugzilla.suse.com/1196488"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196627",
        "url": "https://bugzilla.suse.com/1196627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196956",
        "url": "https://bugzilla.suse.com/1196956"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196959",
        "url": "https://bugzilla.suse.com/1196959"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39657 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39657/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39698 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45402 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23036 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23036/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23037 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23037/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23038 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23038/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23039 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23039/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23040 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23040/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23041 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23041/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23042 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23042/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25636 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26966 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26966/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-30T07:38:49Z",
      "generator": {
        "date": "2022-03-30T07:38:49Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1039-1",
      "initial_release_date": "2022-03-30T07:38:49Z",
      "revision_history": [
        {
          "date": "2022-03-30T07:38:49Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-al-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-al-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-al-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-altera-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-altera-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-altera-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amd-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-amd-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-amd-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-apm-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-apm-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-apm-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-arm-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-arm-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-arm-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-cavium-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-cavium-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-cavium-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-exynos-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-exynos-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-exynos-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-freescale-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-freescale-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-freescale-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-lg-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-lg-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-lg-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-marvell-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-marvell-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-marvell-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-qcom-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-qcom-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-qcom-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-renesas-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-renesas-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-renesas-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-socionext-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-socionext-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-socionext-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-sprd-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-sprd-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-sprd-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-zte-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-zte-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-zte-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-devel-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-devel-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-docs-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-docs-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-docs-html-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-docs-html-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-macros-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-macros-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-source-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-source-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-debug-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-debug-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-debug-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-debug-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_60-preempt-1-150300.7.5.3.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_60-preempt-1-150300.7.5.3.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_60-preempt-1-150300.7.5.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Legacy 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Legacy 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-legacy:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP3",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 15 SP3",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP3",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.1",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.1",
                  "product_id": "SUSE Linux Enterprise Micro 5.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-150300.59.60.4.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-150300.59.60.4.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-150300.59.60.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-150300.59.60.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-source-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP3",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.s390x as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2021-39657",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39657"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39657",
          "url": "https://www.suse.com/security/cve/CVE-2021-39657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193864 for CVE-2021-39657",
          "url": "https://bugzilla.suse.com/1193864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "low"
        }
      ],
      "title": "CVE-2021-39657"
    },
    {
      "cve": "CVE-2021-39698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39698",
          "url": "https://www.suse.com/security/cve/CVE-2021-39698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196956 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196959 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209225 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1209225"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39698"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45402",
          "url": "https://www.suse.com/security/cve/CVE-2021-45402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196130 for CVE-2021-45402",
          "url": "https://bugzilla.suse.com/1196130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45402"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-23036",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23036"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23036",
          "url": "https://www.suse.com/security/cve/CVE-2022-23036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23036"
    },
    {
      "cve": "CVE-2022-23037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23037",
          "url": "https://www.suse.com/security/cve/CVE-2022-23037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23037"
    },
    {
      "cve": "CVE-2022-23038",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23038"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23038",
          "url": "https://www.suse.com/security/cve/CVE-2022-23038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23038"
    },
    {
      "cve": "CVE-2022-23039",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23039"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23039",
          "url": "https://www.suse.com/security/cve/CVE-2022-23039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23039"
    },
    {
      "cve": "CVE-2022-23040",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23040"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23040",
          "url": "https://www.suse.com/security/cve/CVE-2022-23040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23040"
    },
    {
      "cve": "CVE-2022-23041",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23041"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23041",
          "url": "https://www.suse.com/security/cve/CVE-2022-23041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23041"
    },
    {
      "cve": "CVE-2022-23042",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23042"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23042",
          "url": "https://www.suse.com/security/cve/CVE-2022-23042"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23042"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25636",
          "url": "https://www.suse.com/security/cve/CVE-2022-25636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196299 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196301 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196301"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25636"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    },
    {
      "cve": "CVE-2022-26966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26966",
          "url": "https://www.suse.com/security/cve/CVE-2022-26966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196836 for CVE-2022-26966",
          "url": "https://bugzilla.suse.com/1196836"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-1-150300.7.5.3.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26966"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516).\n- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-27223: In drivers/usb/gadget/udc/udc-xilinx.c the endpoint index was not validated and could have been manipulated by the host for out-of-array access (bsc#1197245).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).\n- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from heap memory via crafted frame lengths from a device (bsc#1196836).\n- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)\n- CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130).\n- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488)\n\nThe following non-security bugs were fixed:\n\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- asix: fix uninit-value in asix_mdio_read() (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- constraints: Also adjust disk requirement for x86 and s390.\n- constraints: Increase disk space for aarch64\n- cpufreq: schedutil: Use kobject release() method to free (git-fixes)\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).\n- drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).\n- drm/i915: Nuke not needed members of dram_info (bsc#1195211).\n- drm/i915: Remove memory frequency calculation (bsc#1195211).\n- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).\n- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).\n- EDAC/altera: Fix deferred probing (bsc#1178134).\n- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).\n- exfat: fix incorrect loading of i_blocks for large files (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).\n- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).\n- gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gpio: ts4900: Do not set DAT and OE together (git-fixes).\n- gtp: remove useless rcu_read_lock() (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- Hand over the maintainership to SLE15-SP3 maintainers\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- iavf: Fix missing check for running netdev (git-fixes).\n- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).\n- IB/hfi1: Fix early init panic (git-fixes).\n- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).\n- IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (jsc#SLE-12878).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP \u0026 AIN_BUFM bits (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- mac80211: fix forwarded mesh frames AC \u0026 queue selection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mask out added spinlock in rndis_params (git-fixes).\n- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).\n- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes).\n- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes).\n- netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447).\n- net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net/mlx5e: Fix modify header actions memory leak (git-fixes).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).\n- net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172).\n- netsec: ignore \u0027phy-mode\u0027 device property on ACPI systems (git-fixes).\n- net: sfc: Replace in_interrupt() usage (git-fixes).\n- net: tipc: validate domain record count on input (bsc#1195254).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes).\n- powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278).\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449).\n- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).\n- powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278).\n- RDMA/bnxt_re: Scan the whole bitmap when checking if \u0027disabling RCFW with pending cmd-bit\u0027 (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147).\n- RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes).\n- RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes).\n- RDMA/core: Do not infoleak GRH fields (git-fixes).\n- RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes).\n- RDMA/cxgb4: Set queue pair state when being queried (git-fixes).\n- RDMA/hns: Validate the pkey index (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).\n- RDMA/rxe: Fix a typo in opcode name (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).\n- RDMA/uverbs: Remove the unnecessary assignment (git-fixes).\n- README.BRANCH: Add Frederic Weisbecker as branch maintainer\n- README.BRANCH: Remove Davidlohr Bueso as a branch maintainer\n- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.\n- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.\n- sched/core: Mitigate race (git-fixes)\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: smartpqi: Add PCI IDs (bsc#1196627).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).\n- SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).\n- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).\n- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).\n- usb: dwc2: use well defined macros for power_down (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- USB: gadget: validate endpoint index for xilinx udc (git-fixes).\n- USB: gadget: validate interface OS descriptor requests (git-fixes).\n- usb: host: xen-hcd: add missing unlock in error path (git-fixes).\n- USB: hub: Clean up use of port initialization schemes and retries (git-fixes).\n- usb: hub: Fix locking issues with address0_mutex (git-fixes).\n- usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).\n- USB: serial: option: add support for DW5829e (git-fixes).\n- USB: serial: option: add Telit LE910R1 compositions (git-fixes).\n- USB: zaurus: support another broken Zaurus (git-fixes).\n- vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes).\n- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1038,SUSE-SLE-Module-RT-15-SP3-2022-1038,SUSE-SUSE-MicroOS-5.1-2022-1038",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1038-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1038-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221038-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1038-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010567.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176447",
        "url": "https://bugzilla.suse.com/1176447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176774",
        "url": "https://bugzilla.suse.com/1176774"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1178134",
        "url": "https://bugzilla.suse.com/1178134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181147",
        "url": "https://bugzilla.suse.com/1181147"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191428",
        "url": "https://bugzilla.suse.com/1191428"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192273",
        "url": "https://bugzilla.suse.com/1192273"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194943",
        "url": "https://bugzilla.suse.com/1194943"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195051",
        "url": "https://bugzilla.suse.com/1195051"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195211",
        "url": "https://bugzilla.suse.com/1195211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195353",
        "url": "https://bugzilla.suse.com/1195353"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195403",
        "url": "https://bugzilla.suse.com/1195403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195516",
        "url": "https://bugzilla.suse.com/1195516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195947",
        "url": "https://bugzilla.suse.com/1195947"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196130",
        "url": "https://bugzilla.suse.com/1196130"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196299",
        "url": "https://bugzilla.suse.com/1196299"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196301",
        "url": "https://bugzilla.suse.com/1196301"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196403",
        "url": "https://bugzilla.suse.com/1196403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196468",
        "url": "https://bugzilla.suse.com/1196468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196472",
        "url": "https://bugzilla.suse.com/1196472"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196488",
        "url": "https://bugzilla.suse.com/1196488"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196627",
        "url": "https://bugzilla.suse.com/1196627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196776",
        "url": "https://bugzilla.suse.com/1196776"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197300",
        "url": "https://bugzilla.suse.com/1197300"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 922815",
        "url": "https://bugzilla.suse.com/922815"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 998635",
        "url": "https://bugzilla.suse.com/998635"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39698 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45402 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0516 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0516/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23036 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23036/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23037 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23037/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23038 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23038/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23039 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23039/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23040 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23040/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23041 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23041/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23042 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23042/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25636 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26966 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-27223 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-27223/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-30T07:37:14Z",
      "generator": {
        "date": "2022-03-30T07:37:14Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1038-1",
      "initial_release_date": "2022-03-30T07:37:14Z",
      "revision_history": [
        {
          "date": "2022-03-30T07:37:14Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-rt-5.3.18-150300.82.1.noarch",
                "product": {
                  "name": "kernel-devel-rt-5.3.18-150300.82.1.noarch",
                  "product_id": "kernel-devel-rt-5.3.18-150300.82.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-5.3.18-150300.82.1.noarch",
                "product": {
                  "name": "kernel-source-rt-5.3.18-150300.82.1.noarch",
                  "product_id": "kernel-source-rt-5.3.18-150300.82.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "dlm-kmp-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "dlm-kmp-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "gfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "gfs2-kmp-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt-devel-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-extra-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt-extra-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt-extra-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-livepatch-devel-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt-livepatch-devel-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt-livepatch-devel-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-optional-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt-optional-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt-optional-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-extra-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-extra-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt_debug-extra-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-optional-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-optional-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-rt_debug-optional-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "kernel-syms-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "kselftests-kmp-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "kselftests-kmp-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt-5.3.18-150300.82.1.x86_64",
                  "product_id": "reiserfs-kmp-rt-5.3.18-150300.82.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt_debug-5.3.18-150300.82.1.x86_64",
                  "product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.82.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Real Time Module 15 SP3",
                "product": {
                  "name": "SUSE Real Time Module 15 SP3",
                  "product_id": "SUSE Real Time Module 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-rt:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.1",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.1",
                  "product_id": "SUSE Linux Enterprise Micro 5.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-5.3.18-150300.82.1.noarch as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch"
        },
        "product_reference": "kernel-devel-rt-5.3.18-150300.82.1.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-5.3.18-150300.82.1.noarch as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch"
        },
        "product_reference": "kernel-source-rt-5.3.18-150300.82.1.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Real Time Module 15 SP3",
          "product_id": "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150300.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150300.82.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2021-39698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39698",
          "url": "https://www.suse.com/security/cve/CVE-2021-39698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196956 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196959 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209225 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1209225"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39698"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45402",
          "url": "https://www.suse.com/security/cve/CVE-2021-45402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196130 for CVE-2021-45402",
          "url": "https://bugzilla.suse.com/1196130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45402"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0516",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0516"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0516",
          "url": "https://www.suse.com/security/cve/CVE-2022-0516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195516 for CVE-2022-0516",
          "url": "https://bugzilla.suse.com/1195516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195947 for CVE-2022-0516",
          "url": "https://bugzilla.suse.com/1195947"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0516"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-23036",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23036"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23036",
          "url": "https://www.suse.com/security/cve/CVE-2022-23036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23036"
    },
    {
      "cve": "CVE-2022-23037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23037",
          "url": "https://www.suse.com/security/cve/CVE-2022-23037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23037"
    },
    {
      "cve": "CVE-2022-23038",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23038"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23038",
          "url": "https://www.suse.com/security/cve/CVE-2022-23038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23038"
    },
    {
      "cve": "CVE-2022-23039",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23039"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23039",
          "url": "https://www.suse.com/security/cve/CVE-2022-23039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23039"
    },
    {
      "cve": "CVE-2022-23040",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23040"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23040",
          "url": "https://www.suse.com/security/cve/CVE-2022-23040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23040"
    },
    {
      "cve": "CVE-2022-23041",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23041"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23041",
          "url": "https://www.suse.com/security/cve/CVE-2022-23041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23041"
    },
    {
      "cve": "CVE-2022-23042",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23042"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23042",
          "url": "https://www.suse.com/security/cve/CVE-2022-23042"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23042"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25636",
          "url": "https://www.suse.com/security/cve/CVE-2022-25636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196299 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196301 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196301"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25636"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    },
    {
      "cve": "CVE-2022-26966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26966",
          "url": "https://www.suse.com/security/cve/CVE-2022-26966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196836 for CVE-2022-26966",
          "url": "https://bugzilla.suse.com/1196836"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26966"
    },
    {
      "cve": "CVE-2022-27223",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-27223"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
          "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
          "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-27223",
          "url": "https://www.suse.com/security/cve/CVE-2022-27223"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197245 for CVE-2022-27223",
          "url": "https://bugzilla.suse.com/1197245"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.82.1.noarch",
            "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.82.1.x86_64",
            "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.82.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-27223"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bsc#1193867).\n\nThe following non-security bugs were fixed:\n\n- Bluetooth: bfusb: fix division by zero in send path (git-fixes).\n- Bluetooth: fix the erroneous flush_work() order (git-fixes).\n- EDAC/xgene: Fix deferred probing (bsc#1114648).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (bsc#1114685).\n- NFSv4.x: by default serialize open/close operations (bsc#1114893 bsc#1195934). Make this work-around optional\n- NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).\n- NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).\n- NFSv4: Handle case where the lookup of a directory fails (git-fixes).\n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes).\n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (git-fixes).\n- RDMA/bnxt_re: Fix query SRQ failure (bsc#1050244).\n- RDMA/mlx5: Set user priority for DCT (bsc#1103991).\n- RDMA/netlink: Add __maybe_unused to static inline in C file (bsc#1046306).\n- Replace with an alternative fix for bsc#1185377\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- cxgb4: fix eeprom len when diagnostics not implemented (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n- e1000e: Fix packet loss on Tiger Lake and later (bsc#1158533).\n- ext4: avoid trim error on fs with small groups (bsc#1191271).\n- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1195795).\n- gve: Add RX context (bsc#1191655).\n- gve: Add a jumbo-frame device option (bsc#1191655).\n- gve: Add consumed counts to ethtool stats (bsc#1191655).\n- gve: Add netif_set_xps_queue call (bsc#1191655).\n- gve: Add optional metadata descriptor type GVE_TXD_MTD (bsc#1191655).\n- gve: Add rx buffer pagecnt bias (bsc#1191655).\n- gve: Allow pageflips on larger pages (bsc#1191655).\n- gve: Avoid freeing NULL pointer (bsc#1191655).\n- gve: Correct available tx qpl check (bsc#1191655).\n- gve: Correct order of processing device options (bsc#1191655).\n- gve: DQO: avoid unused variable warnings (bsc#1191655).\n- gve: Do lazy cleanup in TX path (bsc#1191655).\n- gve: Fix GFP flags when allocing pages (bsc#1191655).\n- gve: Implement packet continuation for RX (bsc#1191655).\n- gve: Implement suspend/resume/shutdown (bsc#1191655).\n- gve: Move the irq db indexes out of the ntfy block struct (bsc#1191655).\n- gve: Properly handle errors in gve_assign_qpl (bsc#1191655).\n- gve: Recording rx queue before sending to napi (bsc#1191655).\n- gve: Switch to use napi_complete_done (bsc#1191655).\n- gve: Track RX buffer allocation failures (bsc#1191655).\n- gve: Update gve_free_queue_page_list signature (bsc#1191655).\n- gve: Use kvcalloc() instead of kvzalloc() (bsc#1191655).\n- gve: fix for null pointer dereference (bsc#1191655).\n- gve: fix gve_get_stats() (bsc#1191655).\n- gve: fix the wrong AdminQ buffer queue index check (bsc#1191655).\n- gve: fix unmatched u64_stats_update_end() (bsc#1191655).\n- gve: remove memory barrier around seqno (bsc#1191655).\n- gve: report 64bit tx_bytes counter from gve_handle_report_stats() (bsc#1191655).\n- i40e: Fix changing previously set num_queue_pairs for PFs (bsc#1094978).\n- i40e: Fix correct max_pkt_size on VF RX queue (bsc#1101816 ).\n- i40e: Fix creation of first queue by omitting it if is not power of two (bsc#1101816).\n- i40e: Fix display error code in dmesg (bsc#1109837 bsc#1111981 ).\n- i40e: Fix for displaying message regarding NVM version (jsc#SLE-4797).\n- i40e: Fix freeing of uninitialized misc IRQ vector (bsc#1101816 ).\n- i40e: Fix ping is lost after configuring ADq on VF (bsc#1094978).\n- i40e: Fix pre-set max number of queues for VF (bsc#1111981 ).\n- i40e: Increase delay to 1 s after global EMP reset (bsc#1101816 ).\n- iavf: Fix limit of total number of queues to active queues of VF (bsc#1111981).\n- iavf: prevent accidental free of filter structure (bsc#1111981 ).\n- ibmvnic: Allow queueing resets during probe (bsc#1196516 ltc#196391).\n- ibmvnic: Update driver return codes (bsc#1196516 ltc#196391).\n- ibmvnic: clear fop when retrying probe (bsc#1196516 ltc#196391).\n- ibmvnic: complete init_done on transport events (bsc#1196516 ltc#196391).\n- ibmvnic: define flush_reset_queue helper (bsc#1196516 ltc#196391).\n- ibmvnic: free reset-work-item when flushing (bsc#1196516 ltc#196391).\n- ibmvnic: init init_done_rc earlier (bsc#1196516 ltc#196391).\n- ibmvnic: initialize rc before completing wait (bsc#1196516 ltc#196391).\n- ibmvnic: register netdev after init of adapter (bsc#1196516 ltc#196391).\n- ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).\n- ice: Delete always true check of PF pointer (bsc#1118661 ).\n- ice: ignore dropped packets during init (bsc#1118661 ).\n- igb: Fix removal of unicast MAC filters of VFs (bsc#1117495).\n- ixgbevf: Require large buffers for build_skb on 82599VF (bsc#1101674).\n- kabi: Hide changes to s390/AP structures (jsc#SLE-20809).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n- mqprio: Correct stats in mqprio_dump_class_stats() (bsc#1109837).\n- net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes).\n- net: Prevent infinite while loop in skb_tx_hash() (bsc#1109837).\n- net: ena: Fix error handling when calculating max IO queues number (bsc#1174852).\n- net: ena: Fix undefined state when tx request id is out of bounds (bsc#1174852).\n- net: marvell: mvpp2: Fix the computation of shared CPUs (bsc#1119113).\n- net: phylink: avoid mvneta warning when setting pause parameters (bsc#1119113).\n- net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).\n- nfsd: fix use-after-free due to delegation race (git-fixes).\n- phylib: fix potential use-after-free (bsc#1119113).\n- platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (bsc#1112374).\n- powerpc/64s: Fix debugfs_simple_attr.cocci warnings (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- powerpc/pseries/ddw: Revert \u0027Extend upper limit for huge DMA window for persistent memory\u0027 (bsc#1195995 ltc#196394).\n- powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451).\n- powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- qed: Handle management FW error (git-fixes).\n- qed: rdma - do not wait for resources under hw error recovery flow (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- rndis_host: support Hytera digital radios (git-fixes).\n- s390/AP: support new dynamic AP bus size limit (jsc#SLE-20809).\n- s390/ap: rework crypto config info and default domain code (jsc#SLE-20809).\n- s390/cpumf: Support for CPU Measurement Facility CSVN 7 (bsc#1195080 LTC#196090).\n- s390/cpumf: Support for CPU Measurement Sampling Facility LS bit (bsc#1195080 LTC#196090).\n- s390/hypfs: include z/VM guests with access control group set (bsc#1195638 LTC#196354).\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).\n- scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823).\n- scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).\n- scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).\n- scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).\n- scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823).\n- scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).\n- scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).\n- scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).\n- scsi: qla2xxx: Fix unmap of already freed sgl (bsc#1195823).\n- scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).\n- scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823).\n- scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).\n- scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).\n- scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823).\n- scsi: qla2xxx: Remove a declaration (bsc#1195823).\n- scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823).\n- scsi: qla2xxx: Return -ENOMEM if kzalloc() fails (bsc#1195823).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).\n- scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).\n- scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).\n- scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823).\n- scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).\n- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (bsc#1195377 LTC#196245).\n- sunrpc/auth_gss: support timeout on gss upcalls (bsc#1193857).\n- tracing: Dump stacktrace trigger to the corresponding instance (git-fixes).\n- tracing: Have traceon and traceoff trigger honor the instance (git-fixes).\n- usb: common: ulpi: Fix crash in ulpi_match() (git-fixes).\n- usb: typec: tcpm: Do not disconnect while receiving VBUS off (git-fixes).\n- xfrm: fix MTU regression (bsc#1185377, bsc#1194048).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-767,SUSE-SLE-HA-12-SP5-2022-767,SUSE-SLE-Live-Patching-12-SP5-2022-767,SUSE-SLE-SDK-12-SP5-2022-767,SUSE-SLE-SERVER-12-SP5-2022-767,SUSE-SLE-WE-12-SP5-2022-767",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0767-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:0767-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220767-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:0767-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010399.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046306",
        "url": "https://bugzilla.suse.com/1046306"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050244",
        "url": "https://bugzilla.suse.com/1050244"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1089644",
        "url": "https://bugzilla.suse.com/1089644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1094978",
        "url": "https://bugzilla.suse.com/1094978"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097583",
        "url": "https://bugzilla.suse.com/1097583"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097584",
        "url": "https://bugzilla.suse.com/1097584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097585",
        "url": "https://bugzilla.suse.com/1097585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097586",
        "url": "https://bugzilla.suse.com/1097586"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097587",
        "url": "https://bugzilla.suse.com/1097587"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097588",
        "url": "https://bugzilla.suse.com/1097588"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1101674",
        "url": "https://bugzilla.suse.com/1101674"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1101816",
        "url": "https://bugzilla.suse.com/1101816"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103991",
        "url": "https://bugzilla.suse.com/1103991"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109837",
        "url": "https://bugzilla.suse.com/1109837"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111981",
        "url": "https://bugzilla.suse.com/1111981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112374",
        "url": "https://bugzilla.suse.com/1112374"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114648",
        "url": "https://bugzilla.suse.com/1114648"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114685",
        "url": "https://bugzilla.suse.com/1114685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114893",
        "url": "https://bugzilla.suse.com/1114893"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1117495",
        "url": "https://bugzilla.suse.com/1117495"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1118661",
        "url": "https://bugzilla.suse.com/1118661"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1119113",
        "url": "https://bugzilla.suse.com/1119113"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1136460",
        "url": "https://bugzilla.suse.com/1136460"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1136461",
        "url": "https://bugzilla.suse.com/1136461"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157038",
        "url": "https://bugzilla.suse.com/1157038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157923",
        "url": "https://bugzilla.suse.com/1157923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1158533",
        "url": "https://bugzilla.suse.com/1158533"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1174852",
        "url": "https://bugzilla.suse.com/1174852"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185377",
        "url": "https://bugzilla.suse.com/1185377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1187716",
        "url": "https://bugzilla.suse.com/1187716"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189126",
        "url": "https://bugzilla.suse.com/1189126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191271",
        "url": "https://bugzilla.suse.com/1191271"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191655",
        "url": "https://bugzilla.suse.com/1191655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193857",
        "url": "https://bugzilla.suse.com/1193857"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193867",
        "url": "https://bugzilla.suse.com/1193867"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194048",
        "url": "https://bugzilla.suse.com/1194048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195080",
        "url": "https://bugzilla.suse.com/1195080"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195377",
        "url": "https://bugzilla.suse.com/1195377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195638",
        "url": "https://bugzilla.suse.com/1195638"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195795",
        "url": "https://bugzilla.suse.com/1195795"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195823",
        "url": "https://bugzilla.suse.com/1195823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195934",
        "url": "https://bugzilla.suse.com/1195934"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195995",
        "url": "https://bugzilla.suse.com/1195995"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196400",
        "url": "https://bugzilla.suse.com/1196400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196516",
        "url": "https://bugzilla.suse.com/1196516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45095 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45095/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-09T10:21:52Z",
      "generator": {
        "date": "2022-03-09T10:21:52Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:0767-1",
      "initial_release_date": "2022-03-09T10:21:52Z",
      "revision_history": [
        {
          "date": "2022-03-09T10:21:52Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-122.113.1.aarch64",
                  "product_id": "cluster-md-kmp-default-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-122.113.1.aarch64",
                  "product_id": "dlm-kmp-default-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-122.113.1.aarch64",
                  "product_id": "gfs2-kmp-default-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-default-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-default-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-default-base-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-default-base-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-default-devel-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-default-extra-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-default-kgraft-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-obs-build-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-obs-qa-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-syms-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-syms-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-vanilla-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-vanilla-base-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-vanilla-devel-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.aarch64",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-122.113.1.aarch64",
                  "product_id": "kselftests-kmp-default-4.12.14-122.113.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-122.113.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-122.113.1.aarch64",
                  "product_id": "ocfs2-kmp-default-4.12.14-122.113.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-4.12.14-122.113.1.noarch",
                "product": {
                  "name": "kernel-devel-4.12.14-122.113.1.noarch",
                  "product_id": "kernel-devel-4.12.14-122.113.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-4.12.14-122.113.1.noarch",
                "product": {
                  "name": "kernel-docs-4.12.14-122.113.1.noarch",
                  "product_id": "kernel-docs-4.12.14-122.113.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-4.12.14-122.113.1.noarch",
                "product": {
                  "name": "kernel-docs-html-4.12.14-122.113.1.noarch",
                  "product_id": "kernel-docs-html-4.12.14-122.113.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-4.12.14-122.113.1.noarch",
                "product": {
                  "name": "kernel-macros-4.12.14-122.113.1.noarch",
                  "product_id": "kernel-macros-4.12.14-122.113.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-4.12.14-122.113.1.noarch",
                "product": {
                  "name": "kernel-source-4.12.14-122.113.1.noarch",
                  "product_id": "kernel-source-4.12.14-122.113.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-4.12.14-122.113.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-4.12.14-122.113.1.noarch",
                  "product_id": "kernel-source-vanilla-4.12.14-122.113.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-122.113.1.ppc64le",
                  "product_id": "dlm-kmp-default-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
                  "product_id": "gfs2-kmp-default-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-debug-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-debug-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-debug-base-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-debug-base-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-debug-devel-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-kgraft-devel-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-debug-kgraft-devel-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-debug-kgraft-devel-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-default-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-default-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-default-base-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-default-base-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-default-devel-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-default-extra-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-default-kgraft-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-obs-build-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-obs-qa-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-syms-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-syms-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-vanilla-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-vanilla-base-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-vanilla-devel-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.ppc64le",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
                  "product_id": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-122.113.1.ppc64le",
                  "product_id": "kselftests-kmp-default-4.12.14-122.113.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-4.12.14-122.113.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-122.113.1.s390x",
                  "product_id": "cluster-md-kmp-default-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-122.113.1.s390x",
                  "product_id": "dlm-kmp-default-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-122.113.1.s390x",
                  "product_id": "gfs2-kmp-default-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-base-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-base-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-devel-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-devel-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-extra-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-extra-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-kgraft-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-default-man-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-default-man-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-obs-build-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-obs-build-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-obs-qa-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-syms-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-syms-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-vanilla-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-vanilla-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-vanilla-base-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-vanilla-devel-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-zfcpdump-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-man-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-man-4.12.14-122.113.1.s390x",
                  "product_id": "kernel-zfcpdump-man-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
                  "product_id": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-122.113.1.s390x",
                  "product_id": "kselftests-kmp-default-4.12.14-122.113.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-122.113.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-122.113.1.s390x",
                  "product_id": "ocfs2-kmp-default-4.12.14-122.113.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
                  "product_id": "cluster-md-kmp-default-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-122.113.1.x86_64",
                  "product_id": "dlm-kmp-default-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-122.113.1.x86_64",
                  "product_id": "gfs2-kmp-default-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-debug-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-debug-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-debug-base-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-debug-base-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-debug-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-kgraft-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-debug-kgraft-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-debug-kgraft-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-default-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-default-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-default-base-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-default-base-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-default-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-default-extra-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-default-kgraft-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-default-kgraft-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-kvmsmall-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-base-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-base-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-kvmsmall-base-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-obs-build-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-obs-qa-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-syms-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-syms-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-vanilla-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-vanilla-base-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-vanilla-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.x86_64",
                  "product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
                  "product_id": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-4.12.14-122.113.1.x86_64",
                  "product_id": "kselftests-kmp-default-4.12.14-122.113.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
                  "product_id": "ocfs2-kmp-default-4.12.14-122.113.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12 SP5",
                  "product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x"
        },
        "product_reference": "dlm-kmp-default-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-kgraft-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-kgraft-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le"
        },
        "product_reference": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x"
        },
        "product_reference": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64"
        },
        "product_reference": "kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-obs-build-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-base-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-122.113.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-122.113.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-4.12.14-122.113.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
          "product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        },
        "product_reference": "kernel-default-extra-4.12.14-122.113.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45095",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45095"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45095",
          "url": "https://www.suse.com/security/cve/CVE-2021-45095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193867 for CVE-2021-45095",
          "url": "https://bugzilla.suse.com/1193867"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45095"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_113-default-1-8.3.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.113.1.noarch",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.113.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.113.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T10:21:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space (bnc#1196823).\n- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032).\n- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033).\n- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031).\n- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).\n- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation (bnc#1197702).\n- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation (bnc#1197462).\n- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366).\n- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836).\n- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed (bsc#1196956).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731).\n- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image (bsc#1196079).\n- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n- CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-28748: Fixed various information leaks that could be caused by malicious USB devices (bsc#1196018).\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155)\n- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761).\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227).\n\n\nThe following non-security bugs were fixed:\n\n- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).\n- gve: multiple bugfixes (jsc#SLE-23652).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639).\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).\n- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1257,SUSE-SLE-Module-RT-15-SP2-2022-1257,SUSE-SUSE-MicroOS-5.0-2022-1257",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1257-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1257-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1257-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010746.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179639",
        "url": "https://bugzilla.suse.com/1179639"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189126",
        "url": "https://bugzilla.suse.com/1189126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189562",
        "url": "https://bugzilla.suse.com/1189562"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193731",
        "url": "https://bugzilla.suse.com/1193731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194943",
        "url": "https://bugzilla.suse.com/1194943"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195051",
        "url": "https://bugzilla.suse.com/1195051"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195254",
        "url": "https://bugzilla.suse.com/1195254"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195286",
        "url": "https://bugzilla.suse.com/1195286"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195353",
        "url": "https://bugzilla.suse.com/1195353"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195403",
        "url": "https://bugzilla.suse.com/1195403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195516",
        "url": "https://bugzilla.suse.com/1195516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195905",
        "url": "https://bugzilla.suse.com/1195905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195939",
        "url": "https://bugzilla.suse.com/1195939"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196018",
        "url": "https://bugzilla.suse.com/1196018"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196196",
        "url": "https://bugzilla.suse.com/1196196"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196235",
        "url": "https://bugzilla.suse.com/1196235"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196468",
        "url": "https://bugzilla.suse.com/1196468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196488",
        "url": "https://bugzilla.suse.com/1196488"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196761",
        "url": "https://bugzilla.suse.com/1196761"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196776",
        "url": "https://bugzilla.suse.com/1196776"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196823",
        "url": "https://bugzilla.suse.com/1196823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196956",
        "url": "https://bugzilla.suse.com/1196956"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197227",
        "url": "https://bugzilla.suse.com/1197227"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197331",
        "url": "https://bugzilla.suse.com/1197331"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197366",
        "url": "https://bugzilla.suse.com/1197366"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197389",
        "url": "https://bugzilla.suse.com/1197389"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197462",
        "url": "https://bugzilla.suse.com/1197462"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197702",
        "url": "https://bugzilla.suse.com/1197702"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198031",
        "url": "https://bugzilla.suse.com/1198031"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198032",
        "url": "https://bugzilla.suse.com/1198032"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198033",
        "url": "https://bugzilla.suse.com/1198033"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39698 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45868 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45868/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0516 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0516/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0850 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0850/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0854 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0854/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1016 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1016/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1048 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1048/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1055 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1055/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23036 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23036/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23037 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23037/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23038 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23038/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23039 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23039/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23040 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23040/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23041 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23041/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23042 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23042/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25375 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26966 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-27666 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-27666/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28388 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28389 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28389/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28390 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28390/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28748 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28748/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-04-19T09:03:30Z",
      "generator": {
        "date": "2022-04-19T09:03:30Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1257-1",
      "initial_release_date": "2022-04-19T09:03:30Z",
      "revision_history": [
        {
          "date": "2022-04-19T09:03:30Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-rt-5.3.18-150200.79.2.noarch",
                "product": {
                  "name": "kernel-devel-rt-5.3.18-150200.79.2.noarch",
                  "product_id": "kernel-devel-rt-5.3.18-150200.79.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-5.3.18-150200.79.2.noarch",
                "product": {
                  "name": "kernel-source-rt-5.3.18-150200.79.2.noarch",
                  "product_id": "kernel-source-rt-5.3.18-150200.79.2.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "cluster-md-kmp-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "dlm-kmp-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "dlm-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "dlm-kmp-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "gfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "gfs2-kmp-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt-devel-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt-devel-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-extra-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt-extra-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt-extra-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-livepatch-devel-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt-livepatch-devel-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt-livepatch-devel-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-extra-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt_debug-extra-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt_debug-extra-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-livepatch-devel-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kernel-rt_debug-livepatch-devel-5.3.18-150200.79.2.x86_64",
                  "product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-5.3.18-150200.79.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-5.3.18-150200.79.1.x86_64",
                  "product_id": "kernel-syms-rt-5.3.18-150200.79.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "kselftests-kmp-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "kselftests-kmp-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "ocfs2-kmp-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt-5.3.18-150200.79.2.x86_64",
                  "product_id": "reiserfs-kmp-rt-5.3.18-150200.79.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt_debug-5.3.18-150200.79.2.x86_64",
                  "product_id": "reiserfs-kmp-rt_debug-5.3.18-150200.79.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Real Time Module 15 SP2",
                "product": {
                  "name": "SUSE Real Time Module 15 SP2",
                  "product_id": "SUSE Real Time Module 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-rt:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.0",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.0",
                  "product_id": "SUSE Linux Enterprise Micro 5.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-5.3.18-150200.79.2.noarch as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch"
        },
        "product_reference": "kernel-devel-rt-5.3.18-150200.79.2.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "kernel-rt-devel-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "kernel-rt_debug-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-5.3.18-150200.79.2.noarch as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch"
        },
        "product_reference": "kernel-source-rt-5.3.18-150200.79.2.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-5.3.18-150200.79.1.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-5.3.18-150200.79.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64 as component of SUSE Real Time Module 15 SP2",
          "product_id": "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-5.3.18-150200.79.2.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
          "product_id": "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64"
        },
        "product_reference": "kernel-rt-5.3.18-150200.79.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2021-39698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39698",
          "url": "https://www.suse.com/security/cve/CVE-2021-39698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196956 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196959 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209225 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1209225"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39698"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45868",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45868"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45868",
          "url": "https://www.suse.com/security/cve/CVE-2021-45868"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197366 for CVE-2021-45868",
          "url": "https://bugzilla.suse.com/1197366"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45868"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0516",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0516"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0516",
          "url": "https://www.suse.com/security/cve/CVE-2022-0516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195516 for CVE-2022-0516",
          "url": "https://bugzilla.suse.com/1195516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195947 for CVE-2022-0516",
          "url": "https://bugzilla.suse.com/1195947"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0516"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0850",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0850"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0850",
          "url": "https://www.suse.com/security/cve/CVE-2022-0850"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196761 for CVE-2022-0850",
          "url": "https://bugzilla.suse.com/1196761"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0850"
    },
    {
      "cve": "CVE-2022-0854",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0854"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory leak flaw was found in the Linux kernel\u0027s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0854",
          "url": "https://www.suse.com/security/cve/CVE-2022-0854"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196823 for CVE-2022-0854",
          "url": "https://bugzilla.suse.com/1196823"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0854"
    },
    {
      "cve": "CVE-2022-1016",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1016"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle \u0027return\u0027 with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1016",
          "url": "https://www.suse.com/security/cve/CVE-2022-1016"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197335 for CVE-2022-1016",
          "url": "https://bugzilla.suse.com/1197335"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1016"
    },
    {
      "cve": "CVE-2022-1048",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1048"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1048",
          "url": "https://www.suse.com/security/cve/CVE-2022-1048"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197331 for CVE-2022-1048",
          "url": "https://bugzilla.suse.com/1197331"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197597 for CVE-2022-1048",
          "url": "https://bugzilla.suse.com/1197597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200041 for CVE-2022-1048",
          "url": "https://bugzilla.suse.com/1200041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-1048",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212325 for CVE-2022-1048",
          "url": "https://bugzilla.suse.com/1212325"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1048"
    },
    {
      "cve": "CVE-2022-1055",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1055"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1055",
          "url": "https://www.suse.com/security/cve/CVE-2022-1055"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197702 for CVE-2022-1055",
          "url": "https://bugzilla.suse.com/1197702"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197705 for CVE-2022-1055",
          "url": "https://bugzilla.suse.com/1197705"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1055"
    },
    {
      "cve": "CVE-2022-23036",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23036"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23036",
          "url": "https://www.suse.com/security/cve/CVE-2022-23036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23036"
    },
    {
      "cve": "CVE-2022-23037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23037",
          "url": "https://www.suse.com/security/cve/CVE-2022-23037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23037"
    },
    {
      "cve": "CVE-2022-23038",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23038"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23038",
          "url": "https://www.suse.com/security/cve/CVE-2022-23038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23038"
    },
    {
      "cve": "CVE-2022-23039",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23039"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23039",
          "url": "https://www.suse.com/security/cve/CVE-2022-23039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23039"
    },
    {
      "cve": "CVE-2022-23040",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23040"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23040",
          "url": "https://www.suse.com/security/cve/CVE-2022-23040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23040"
    },
    {
      "cve": "CVE-2022-23041",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23041"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23041",
          "url": "https://www.suse.com/security/cve/CVE-2022-23041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23041"
    },
    {
      "cve": "CVE-2022-23042",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23042"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23042",
          "url": "https://www.suse.com/security/cve/CVE-2022-23042"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23042"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25375",
          "url": "https://www.suse.com/security/cve/CVE-2022-25375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196235 for CVE-2022-25375",
          "url": "https://bugzilla.suse.com/1196235"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-25375"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    },
    {
      "cve": "CVE-2022-26966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26966",
          "url": "https://www.suse.com/security/cve/CVE-2022-26966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196836 for CVE-2022-26966",
          "url": "https://bugzilla.suse.com/1196836"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26966"
    },
    {
      "cve": "CVE-2022-27666",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-27666"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-27666",
          "url": "https://www.suse.com/security/cve/CVE-2022-27666"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197131 for CVE-2022-27666",
          "url": "https://bugzilla.suse.com/1197131"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197133 for CVE-2022-27666",
          "url": "https://bugzilla.suse.com/1197133"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197462 for CVE-2022-27666",
          "url": "https://bugzilla.suse.com/1197462"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-27666"
    },
    {
      "cve": "CVE-2022-28388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28388",
          "url": "https://www.suse.com/security/cve/CVE-2022-28388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198032 for CVE-2022-28388",
          "url": "https://bugzilla.suse.com/1198032"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-28388"
    },
    {
      "cve": "CVE-2022-28389",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28389"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28389",
          "url": "https://www.suse.com/security/cve/CVE-2022-28389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198033 for CVE-2022-28389",
          "url": "https://bugzilla.suse.com/1198033"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201657 for CVE-2022-28389",
          "url": "https://bugzilla.suse.com/1201657"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-28389"
    },
    {
      "cve": "CVE-2022-28390",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28390"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28390",
          "url": "https://www.suse.com/security/cve/CVE-2022-28390"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198031 for CVE-2022-28390",
          "url": "https://bugzilla.suse.com/1198031"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201517 for CVE-2022-28390",
          "url": "https://bugzilla.suse.com/1201517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207969 for CVE-2022-28390",
          "url": "https://bugzilla.suse.com/1207969"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-28390"
    },
    {
      "cve": "CVE-2022-28748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2964. Reason: This candidate is a reservation duplicate of CVE-2022-2964. Notes: All CVE users should reference CVE-2022-2964 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
          "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
          "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
          "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28748",
          "url": "https://www.suse.com/security/cve/CVE-2022-28748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196018 for CVE-2022-28748",
          "url": "https://bugzilla.suse.com/1196018"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-150200.79.2.x86_64",
            "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-150200.79.2.noarch",
            "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-150200.79.1.x86_64",
            "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-150200.79.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-04-19T09:03:30Z",
          "details": "low"
        }
      ],
      "title": "CVE-2022-28748"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 15 SP4 kernel was updated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).\n- CVE-2022-34918: Fixed a buffer overflow with nft_set_elem_init() that could be used by a local attacker to escalate privileges (bnc#1201171).\n- CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).\n- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).\n- CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).\n- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).\n- CVE-2022-33743: Fixed a Denial of Service related to XDP (bsc#1200763).\n- CVE-2022-1966: Fixed a use-after-free vulnerability in the Netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)\n- CVE-2022-1852: Fixed a null-ptr-deref in the kvm module which can lead to DoS. (bsc#1199875)\n- CVE-2022-1789: Fixed a NULL pointer dereference when shadow paging is enabled. (bnc#1199674)\n- CVE-2022-1508: Fixed an out-of-bounds read flaw that could cause the system to crash. (bsc#1198968)\n- CVE-2022-1671: Fixed a null-ptr-deref bugs in net/rxrpc/server_key.c, unprivileged users could easily trigger it via ioctl. (bsc#1199439)\n- CVE-2022-1651: Fixed a bug in ACRN Device Model emulates virtual NICs in VM. This flaw may allow a local privileged attacker to leak kernel unauthorized information and also cause a denial of service problem. (bsc#1199433)\n- CVE-2022-29582: Fixed a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (bnc#1198811)\n- CVE-2022-0494: Fixed a kernel information leak flaw in the scsi_ioctl function. This flaw allowed a local attacker with a special user privilege to create issues with confidentiality. (bnc#1197386)\n- CVE-2021-4204: Fixed a vulnerability that allows local attackers to escalate privileges on affected installations via ebpf. (bnc#1194111)\n- CVE-2022-23222: Fixed a bug that allowed local users to gain privileges. (bnc#1194765)\n- CVE-2022-0264: Fixed a vulnerability in the Linux kernel\u0027s eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. (bnc#1194826)\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)\n- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)\n- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).\n- CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. (bsc#1200019)\n- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)\n- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).\n- CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).\n- CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505).\n- CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426).\n- CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by simulating an nfc device from user-space. (bsc#1200144)\n- CVE-2022-21499: Reinforce the kernel lockdown feature, until now it\u0027s been trivial to break out of it with kgdb or kdb. (bsc#1199426)\n- CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when mounting and operating on a corrupted image. (bsc#1198577)\n- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory. (bsc#1196830)\n- CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130).\n- CVE-2022-1679: Fixed use-after-free in ath9k in ath9k_hif_usb_rx_cb (bsc#1199487).\n- CVE-2022-20132: Fixed several potential out of bounds reads via malicious HID device (bsc#1200619).\n- CVE-2022-1012: Fixed an information leak in net/ipv4/tcp.c (bsc#1199482).\n- CVE-2022-33981: Fixed use-after-free in floppy driver (bnc#1200692).\n- CVE-2022-1998: Fixed use-after-free in fanotify (bnc#1200284).\n\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix return value of __setup handlers (git-fixes).\n- ACPI/APEI: Limit printable size of BERT table data (git-fixes).\n- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).\n- ACPI: bus: Avoid using CPPC if not supported by firmware (bsc#1199793).\n- ACPICA: Avoid cache flush inside virtual machines (git-fixes).\n- ACPICA: Avoid walking the ACPI Namespace if it is not there (git-fixes).\n- ACPI: CPPC: Assume no transition latency if no PCCT (git-fixes).\n- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).\n- ACPI: docs: enumeration: Amend PWM enumeration ASL example (git-fixes).\n- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).\n- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).\n- ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).\n- ACPI/IORT: Check node revision for PMCG resources (git-fixes).\n- ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (git-fixes).\n- ACPI: PM: Revert \u0027Only mark EC GPE for wakeup on Intel systems\u0027 (git-fixes).\n- ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE (git-fixes).\n- ACPI: processor idle: Allow playing dead in C3 state (git-fixes).\n- ACPI: processor: idle: Avoid falling back to C3 type C-states (git-fixes).\n- ACPI: processor idle: Check for architectural support for LPI (git-fixes).\n- ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40 (git-fixes).\n- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).\n- ACPI: property: Release subnode properties with data nodes (git-fixes).\n- ACPI: sysfs: Fix BERT error region memory mapping (git-fixes).\n- ACPI: video: Change how we determine if brightness key-presses are handled (git-fixes).\n- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).\n- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).\n- Add missing recommends of kernel-install-tools to kernel-source-vanilla (bsc#1200442)\n- Add references to IBM bugs\n- Add various fsctl structs (bsc#1193629).\n- Adjust cifssb maximum read size (bsc#1193629).\n- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (git-fixes).\n- aio: Fix incorrect usage of eventfd_signal_allowed() (git-fixes).\n- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).\n- ALSA: core: Add snd_card_free_on_error() helper (git-fixes).\n- ALSA: cs4236: fix an incorrect NULL check on list iterator (git-fixes).\n- ALSA: ctxfi: Add SB046x PCI ID (git-fixes).\n- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).\n- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (git-fixes).\n- ALSA: hda: Add AlderLake-PS variant PCI ID (git-fixes).\n- ALSA: hda: Add PCI and HDMI IDs for Intel Raptor Lake (git-fixes).\n- ALSA: hda: Avoid unsol event during RPM suspending (git-fixes).\n- ALSA: hda/conexant - Fix loopback issue with CX20632 (git-fixes).\n- ALSA: hda/conexant: Fix missing beep setup (git-fixes).\n- ALSA: hda: Fix discovery of i915 graphics PCI device (bsc#1200611).\n- ALSA: hda: Fix driver index handling at re-binding (git-fixes).\n- ALSA: hda: Fix missing codec probe on Shenker Dock 15 (git-fixes).\n- ALSA: hda: Fix regression on forced probe mask option (git-fixes).\n- ALSA: hda: Fix signedness of sscanf() arguments (git-fixes).\n- ALSA: hda - fix unused Realtek function when PM is not enabled (git-fixes).\n- ALSA: hda/hdmi: fix warning about PCM count when used with SOF (git-fixes).\n- ALSA: hda/i915: Fix one too many pci_dev_put() (git-fixes).\n- ALSA: hda/i915 - skip acomp init if no matching display (git-fixes).\n- ALSA: hda: intel-dspcfg: use SOF for UpExtreme and UpExtreme11 boards (git-fixes).\n- ALSA: hda: intel-dsp-config: update AlderLake PCI IDs (git-fixes).\n- ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg (git-fixes).\n- ALSA: hda/realtek: Add alc256-samsung-headphone fixup (git-fixes).\n- ALSA: hda/realtek - Add HW8326 support (git-fixes).\n- ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks (git-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).\n- ALSA: hda/realtek - Add new type for ALC245 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GU603 (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo PD50PNT (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo PD70PNT (git-fixes).\n- ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).\n- ALSA: hda/realtek: Add quirk for Legion Y9000X 2019 (git-fixes).\n- ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers (git-fixes).\n- ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes).\n- ALSA: hda/realtek: Add quirk for TongFang devices with pop noise (git-fixes).\n- ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers (git-fixes).\n- ALSA: hda/realtek - ALC897 headset MIC no sound (git-fixes).\n- ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly (git-fixes).\n- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop (git-fixes).\n- ALSA: hda/realtek: Enable headset mic on Lenovo P360 (git-fixes).\n- ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 (git-fixes).\n- ALSA: hda/realtek: Fix deadlock by COEF mutex (bsc#1195913).\n- ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 2021 (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).\n- ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS (git-fixes).\n- ALSA: hda: realtek: Fix race at concurrent COEF updates (git-fixes).\n- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (git-fixes).\n- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes).\n- ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows (git-fixes).\n- ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) (git-fixes).\n- ALSA: hda: Set max DMA segment size (git-fixes).\n- ALSA: hda: Skip codec shutdown in case the codec is not registered (git-fixes).\n- ALSA: hda/via: Fix missing beep setup (git-fixes).\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- ALSA: memalloc: Fix dma_need_sync() checks (bsc#1195913).\n- ALSA: memalloc: invalidate SG pages before sync (bsc#1195913).\n- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).\n- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).\n- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).\n- ALSA: pcm: Check for null pointer of pointer substream before dereferencing it (git-fixes).\n- ALSA: pcm: Fix races among concurrent hw_params and hw_free calls (git-fixes).\n- ALSA: pcm: Fix races among concurrent prealloc proc writes (git-fixes).\n- ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls (git-fixes).\n- ALSA: pcm: Fix races among concurrent read/write and buffer changes (git-fixes).\n- ALSA: pcm: Test for \u0027silence\u0027 field in struct \u0027pcm_format_data\u0027 (git-fixes).\n- ALSA: spi: Add check for clk_enable() (git-fixes).\n- ALSA: usb-audio: add mapping for MSI MAG X570S Torpedo MAX (git-fixes).\n- ALSA: usb-audio: add mapping for new Corsair Virtuoso SE (git-fixes).\n- ALSA: usb-audio: Add missing ep_idx in fixed EP quirks (git-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).\n- ALSA: usb-audio: Add quirk bits for enabling/disabling generic implicit fb (git-fixes).\n- ALSA: usb-audio: Cancel pending work at closing a MIDI substream (git-fixes).\n- ALSA: usb-audio: Cap upper limits of buffer/period bytes for implicit fb (git-fixes).\n- ALSA: usb-audio: Clear MIDI port active flag after draining (git-fixes).\n- ALSA: usb-audio: Configure sync endpoints before data (git-fixes).\n- ALSA: usb-audio: Correct quirk for VF0770 (git-fixes).\n- ALSA: usb-audio: Do not abort resume upon errors (bsc#1195913).\n- ALSA: usb-audio: Do not get sample rate for MCT Trigger 5 USB-to-HDMI (git-fixes).\n- ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant (git-fixes).\n- ALSA: usb-audio: Increase max buffer size (git-fixes).\n- ALSA: usb-audio: initialize variables that could ignore errors (git-fixes).\n- ALSA: usb-audio: Limit max buffer and period sizes per time (git-fixes).\n- ALSA: usb-audio: Move generic implicit fb quirk entries into quirks.c (git-fixes).\n- ALSA: usb-audio: Optimize TEAC clock quirk (git-fixes).\n- ALSA: usb-audio: Restore Rane SL-1 quirk (git-fixes).\n- ALSA: usb-audio: revert to IMPLICIT_FB_FIXED_DEV for M-Audio FastTrack Ultra (git-fixes).\n- ALSA: usb-audio: Set up (implicit) sync for Saffire 6 (git-fixes).\n- ALSA: usb-audio: Skip generic sync EP parse for secondary EP (git-fixes).\n- ALSA: usb-audio: US16x08: Move overflow check before array access (git-fixes).\n- ALSA: usb-audio: Workaround for clock setup on TEAC devices (git-fixes).\n- ALSA: wavefront: Proper check of get_user() error (git-fixes).\n- ALSA: x86: intel_hdmi_audio: enable pm_runtime and set autosuspend delay (git-fixes).\n- ALSA: x86: intel_hdmi_audio: use pm_runtime_resume_and_get() (git-fixes).\n- alx: acquire mutex for alx_reinit in alx_change_mtu (git-fixes).\n- amd/display: set backlight only if required (git-fixes).\n- arch/arm64: Fix topology initialization for core scheduling (git-fixes).\n- arm64: Add Cortex-A510 CPU part definition (git-fixes).\n- arm64: Add part number for Arm Cortex-A78AE (git-fixes).\n- arm64: Add support for user sub-page fault probing (git-fixes)\n- arm64: alternatives: mark patch_alternative() as `noinstr` (git-fixes).\n- arm64: avoid fixmap race condition when create pud mapping (git-fixes).\n- arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall (git-fixes).\n- arm64: Correct wrong label in macro __init_el2_gicv3 (git-fixes).\n- arm64: defconfig: build imx-sdma as a module (git-fixes).\n- arm64: do not abuse pfn_valid() to ensure presence of linear map (git-fixes).\n- arm64: Do not defer reserve_crashkernel() for platforms with no DMA memory zones (git-fixes).\n- arm64: Do not include __READ_ONCE() block in assembly files (git-fixes).\n- arm64: dts: agilex: use the compatible \u0027intel,socfpga-agilex-hsotg\u0027 (git-fixes).\n- arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias (git-fixes).\n- arm64: dts: broadcom: bcm4908: use proper TWD binding (git-fixes).\n- arm64: dts: broadcom: Fix sata nodename (git-fixes).\n- arm64: dts: imx8mm-beacon: Enable RTS-CTS on UART3 (git-fixes).\n- arm64: dts: imx8mm-venice: fix spi2 pin configuration (git-fixes)\n- arm64: dts: imx8mn-beacon: Enable RTS-CTS on UART3 (git-fixes).\n- arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock (git-fixes)\n- arm64: dts: imx8mn: Fix SAI nodes (git-fixes)\n- arm64: dts: imx8mp-evk: correct eqos pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct gpio-led pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct I2C1 pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct I2C3 pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct mmc pad settings (git-fixes).\n- arm64: dts: imx8mp-evk: correct the uart2 pinctl value (git-fixes).\n- arm64: dts: imx8mp-evk: correct vbus pad settings (git-fixes).\n- arm64: dts: imx8mp-phyboard-pollux-rdk: correct eqos pad settings (git-fixes).\n- arm64: dts: imx8mp-phyboard-pollux-rdk: correct i2c2 \u0026 mmc settings (git-fixes).\n- arm64: dts: imx8mp-phyboard-pollux-rdk: correct uart pad settings (git-fixes).\n- arm64: dts: imx8mq: fix lcdif port node (git-fixes).\n- arm64: dts: imx8qm: Correct SCU clock controller\u0027s compatible (git-fixes)\n- arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes (git-fixes).\n- arm64: dts: juno: Remove GICv2m dma-range (git-fixes).\n- arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus (git-fixes).\n- arm64: dts: ls1043a: Update i2c dma properties (git-fixes).\n- arm64: dts: ls1046a: Update i2c node dma properties (git-fixes).\n- arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 (git-fixes).\n- arm64: dts: marvell: espressobin-ultra: enable front USB3 port (git-fixes).\n- arm64: dts: marvell: espressobin-ultra: fix SPI-NOR config (git-fixes).\n- arm64: dts: meson-g12: add ATF BL32 reserved-memory region (git-fixes).\n- arm64: dts: meson-g12b-odroid-n2: fix typo \u0027dio2133\u0027 (git-fixes).\n- arm64: dts: meson-g12: drop BL32 region from SEI510/SEI610 (git-fixes).\n- arm64: dts: meson-gx: add ATF BL32 reserved-memory region (git-fixes).\n- arm64: dts: meson: remove CPU opps below 1GHz for G12B boards (git-fixes).\n- arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards (git-fixes).\n- arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO domain for GPIOE_2 (git-fixes).\n- arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO pin labeling for CON1 (git-fixes).\n- arm64: dts: meson-sm1-odroid: fix boot loop after reboot (git-fixes).\n- arm64: dts: meson-sm1-odroid: use correct enable-gpio pin for tf-io regulator (git-fixes).\n- arm64: dts: mt8192: Fix nor_flash status disable typo (git-fixes).\n- arm64: dts: ns2: Fix spi-cpol and spi-cpha property (git-fixes).\n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (git-fixes).\n- arm64: dts: qcom: msm8916-huawei-g7: Clarify installation instructions (git-fixes).\n- arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels count (git-fixes).\n- arm64: dts: qcom: msm8994: Fix CPU6/7 reg values (git-fixes).\n- arm64: dts: qcom: msm8994: Fix the cont_splash_mem address (git-fixes).\n- arm64: dts: qcom: msm8996: Drop flags for mdss irqs (git-fixes).\n- arm64: dts: qcom: msm8996: remove snps,dw-pcie compatibles (git-fixes).\n- arm64: dts: qcom: pm8350c: stop depending on thermal_zones label (git-fixes).\n- arm64: dts: qcom: pmr735a: stop depending on thermal_zones label (git-fixes).\n- arm64: dts: qcom: qrb5165-rb5: Fix can-clock node name (git-fixes).\n- arm64: dts: qcom: sdm845-db845c: add wifi variant property (git-fixes).\n- arm64: dts: qcom: sdm845: Drop flags for mdss irqs (git-fixes).\n- arm64: dts: qcom: sdm845: fix microphone bias properties and values (git-fixes).\n- arm64: dts: qcom: sdm845: remove snps,dw-pcie compatibles (git-fixes).\n- arm64: dts: qcom: sdm845-xiaomi-beryllium: fix typo in panel\u0027s vddio-supply property (git-fixes).\n- arm64: dts: qcom: sm8150: Correct TCS configuration for apps rsc (git-fixes).\n- arm64: dts: qcom: sm8250: Drop flags for mdss irqs (git-fixes).\n- arm64: dts: qcom: sm8250: Fix MSI IRQ for PCIe1 and PCIe2 (git-fixes).\n- arm64: dts: qcom: sm8250: fix PCIe bindings to follow schema (git-fixes).\n- arm64: dts: qcom: sm8350: Correct TCS configuration for apps rsc (git-fixes).\n- arm64: dts: qcom: sm8350: Correct UFS symbol clocks (git-fixes).\n- arm64: dts: qcom: sm8350: Describe GCC dependency clocks (git-fixes).\n- arm64: dts: qcom: sm8350: Shorten camera-thermal-bottom name (git-fixes).\n- arm64: dts: renesas: Fix thermal bindings (git-fixes).\n- arm64: dts: renesas: ulcb-kf: fix wrong comment (git-fixes).\n- arm64: dts: rockchip: align pl330 node name with dtschema (git-fixes).\n- arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity (git-fixes).\n- arm64: dts: rockchip: fix rk3399-puma-haikou USB OTG mode (git-fixes).\n- arm64: dts: rockchip: Fix SDIO regulator supply properties on rk3399-firefly (git-fixes).\n- arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (git-fixes).\n- arm64: dts: rockchip: reorder rk3399 hdmi clocks (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- arm64: dts: ti: j7200-main: Fix \u0027dtbs_check\u0027 serdes_ln_ctrl node (git-fixes).\n- arm64: dts: ti: j721e-main: Fix \u0027dtbs_check\u0027 in serdes_ln_ctrl node (git-fixes).\n- arm64: dts: ti: k3-am64: Fix gic-v3 compatible regs (git-fixes).\n- arm64: dts: ti: k3-am64-main: Remove support for HS400 speed mode (git-fixes).\n- arm64: dts: ti: k3-am64-mcu: remove incorrect UART base clock rates (git-fixes).\n- arm64: dts: ti: k3-am65: Fix gic-v3 compatible regs (git-fixes).\n- arm64: dts: ti: k3-j7200: Fix gic-v3 compatible regs (git-fixes).\n- arm64: dts: ti: k3-j721e: Fix gic-v3 compatible regs (git-fixes).\n- arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs (git-fixes).\n- arm64: Ensure execute-only permissions are not allowed without EPAN (git-fixes)\n- arm64: fix clang warning about TRAMP_VALIAS (git-fixes).\n- arm64: fix types in copy_highpage() (git-fixes).\n- arm64: ftrace: consistently handle PLTs (git-fixes).\n- arm64: ftrace: fix branch range checks (git-fixes).\n- arm64: kasan: fix include error in MTE functions (git-fixes).\n- arm64: kvm: keep the field workaround_flags in structure kvm_vcpu_arch (git-fixes).\n- arm64: Mark start_backtrace() notrace and NOKPROBE_SYMBOL (git-fixes)\n- arm64: mm: Drop \u0027const\u0027 from conditional arm64_dma_phys_limit definition (git-fixes).\n- arm64: mm: fix p?d_leaf() (git-fixes).\n- arm64: module: remove (NOLOAD) from linker script (git-fixes).\n- arm64: mte: Ensure the cleared tags are visible before setting the PTE (git-fixes).\n- arm64: paravirt: Use RCU read locks to guard stolen_time (git-fixes).\n- arm64: patch_text: Fixup last cpu should be master (git-fixes).\n- arm64: prevent instrumentation of bp hardening callbacks (git-fixes).\n- arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (git-fixes).\n- arm64: stackleak: fix current_top_of_stack() (git-fixes).\n- arm64: supported.conf: mark PHY_FSL_IMX8MQ_USB as supported (bsc#1199909)\n- arm64: tegra: Add missing DFLL reset on Tegra210 (git-fixes).\n- arm64: tegra: Adjust length of CCPLEX cluster MMIO region (git-fixes).\n- arm64: Update config files. (bsc#1199909) Add pfuze100 regulator as module\n- arm64: vdso: fix makefile dependency on vdso.so (git-fixes).\n- ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: 9187/1: JIVE: fix return value of __setup handler (git-fixes).\n- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (git-fixes).\n- ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (git-fixes).\n- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (git-fixes).\n- ARM: at91: fix soc detection for SAM9X60 SiPs (git-fixes).\n- ARM: at91: pm: use proper compatible for sama5d2\u0027s rtc (git-fixes).\n- ARM: at91: pm: use proper compatibles for sam9x60\u0027s rtc and rtt (git-fixes).\n- ARM: boot: dts: bcm2711: Fix HVS register range (git-fixes).\n- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (git-fixes).\n- ARM: configs: multi_v5_defconfig: re-enable CONFIG_V4L_PLATFORM_DRIVERS (git-fixes).\n- ARM: configs: multi_v5_defconfig: re-enable DRM_PANEL and FB_xxx (git-fixes).\n- ARM: config: u8500: Re-enable AB8500 battery charging (git-fixes).\n- ARM: davinci: da850-evm: Avoid NULL pointer dereference (git-fixes).\n- ARM: Do not use NOCROSSREFS directive with ld.lld (git-fixes).\n- ARM: dts: am3517-evm: Fix misc pinmuxing (git-fixes).\n- ARM: dts: aspeed: Add ADC for AST2600 and enable for Rainier and Everest (git-fixes).\n- ARM: dts: aspeed: Add secure boot controller node (git-fixes).\n- ARM: dts: aspeed: Add video engine to g6 (git-fixes).\n- ARM: dts: aspeed: ast2600-evb: Enable RX delay for MAC0/MAC1 (git-fixes).\n- ARM: dts: aspeed: Fix AST2600 quad spi group (git-fixes).\n- ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group (git-fixes).\n- ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi (git-fixes).\n- ARM: dts: at91: fix pinctrl phandles (git-fixes).\n- ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek (git-fixes).\n- ARM: dts: at91: sam9x60ek: fix eeprom compatible and size (git-fixes).\n- ARM: dts: at91: sama5d2: Fix PMERRLOC resource size (git-fixes).\n- ARM: dts: at91: sama5d2_icp: fix eeprom compatibles (git-fixes).\n- ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name (git-fixes).\n- ARM: dts: bcm2711: Add the missing L1/L2 cache information (git-fixes).\n- ARM: dts: bcm2711-rpi-400: Fix GPIO line names (git-fixes).\n- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (git-fixes).\n- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (git-fixes).\n- ARM: dts: bcm2837: Add the missing L1/L2 cache information (git-fixes).\n- ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (git-fixes).\n- ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (git-fixes).\n- ARM: dts: BCM5301X: update CRU block description (git-fixes).\n- ARM: dts: BCM5301X: Update pin controller node name (git-fixes).\n- ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks (git-fixes).\n- ARM: dts: dra7: Fix suspend warning for vpe powerdomain (git-fixes).\n- ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (git-fixes).\n- ARM: dts: exynos: add missing HDMI supplies on SMDK5250 (git-fixes).\n- ARM: dts: exynos: add missing HDMI supplies on SMDK5420 (git-fixes).\n- ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 (git-fixes).\n- ARM: dts: Fix boot regression on Skomer (git-fixes).\n- ARM: dts: Fix mmc order for omap3-gta04 (git-fixes).\n- ARM: dts: Fix OpenBMC flash layout label addresses (git-fixes).\n- ARM: dts: Fix timer regression for beagleboard revision c (git-fixes).\n- ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group (git-fixes).\n- ARM: dts: imx6dl-colibri: Fix I2C pinmuxing (git-fixes).\n- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (git-fixes).\n- ARM: dts: imx6qdl: correct PU regulator ramp delay (git-fixes).\n- ARM: dts: imx6qdl-udoo: Properly describe the SD card detect (git-fixes).\n- ARM: dts: imx6ull-colibri: fix vqmmc regulator (git-fixes).\n- ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node (git-fixes).\n- ARM: dts: imx7ulp: Fix \u0027assigned-clocks-parents\u0027 typo (git-fixes).\n- ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk (git-fixes).\n- ARM: dts: imx8mm-venice-gw{71xx,72xx,73xx}: fix OTG controller OC (git-fixes)\n- ARM: dts: imx: Add missing LVDS decoder on M53Menlo (git-fixes).\n- ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 (git-fixes).\n- ARM: dts: meson8b: Fix the UART device-tree schema validation (git-fixes).\n- ARM: dts: meson8: Fix the UART device-tree schema validation (git-fixes).\n- ARM: dts: meson: Fix the UART compatible strings (git-fixes).\n- ARM: dts: ox820: align interrupt controller node name with dtschema (git-fixes).\n- ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 (git-fixes).\n- ARM: dts: qcom: ipq4019: fix sleep clock (git-fixes).\n- ARM: dts: qcom: msm8974: Drop flags for mdss irqs (git-fixes).\n- ARM: dts: qcom: sdx55: fix IPA interconnect definitions (git-fixes).\n- ARM: dts: rockchip: fix a typo on rk3288 crypto-controller (git-fixes).\n- ARM: dts: rockchip: reorder rk322x hmdi clocks (git-fixes).\n- ARM: dts: s5pv210: align DMA channels with dtschema (git-fixes).\n- ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries (git-fixes).\n- ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries (git-fixes).\n- ARM: dts: socfpga: align interrupt controller node name with dtschema (git-fixes).\n- ARM: dts: socfpga: change qspi to \u0027intel,socfpga-qspi\u0027 (git-fixes).\n- ARM: dts: spear1340: Update serial node properties (git-fixes).\n- ARM: dts: spear13xx: Update SPI dma properties (git-fixes).\n- ARM: dts: stm32: fix AV96 board SAI2 pin muxing on stm32mp15 (git-fixes).\n- ARM: dts: stm32: Fix PHY post-reset delay on Avenger96 (git-fixes).\n- ARM: dts: sun8i: v3s: Move the csi1 block to follow address order (git-fixes).\n- ARM: dts: suniv: F1C100: fix watchdog compatible (git-fixes).\n- ARM: dts: switch timer config to common devkit8000 devicetree (git-fixes).\n- ARM: dts: Use 32KiHz oscillator on devkit8000 (git-fixes).\n- ARM: exynos: Fix refcount leak in exynos_map_pmu (git-fixes).\n- ARM: fix build warning in proc-v7-bugs.c (git-fixes).\n- ARM: fix co-processor register typo (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- ARM: Fix refcount leak in axxia_boot_secondary (git-fixes).\n- ARM: fix Thumb2 regression with Spectre BHB (git-fixes).\n- ARM: ftrace: avoid redundant loads or clobbering IP (git-fixes).\n- ARM: ftrace: ensure that ADR takes the Thumb bit into account (git-fixes).\n- ARM: hisi: Add missing of_node_put after of_find_compatible_node (git-fixes).\n- ARM: iop32x: offset IRQ numbers by 1 (git-fixes).\n- ARM: kprobes: Make space for instruction pointer on stack (bsc#1193277).\n- ARM: mediatek: select arch timer for mt7629 (git-fixes).\n- ARM: meson: Fix refcount leak in meson_smp_prepare_cpus (git-fixes).\n- ARM: mmp: Fix failure to remove sram device (git-fixes).\n- ARM: mstar: Select HAVE_ARM_ARCH_TIMER (git-fixes).\n- ARM: mxs_defconfig: Enable the framebuffer (git-fixes).\n- ARM: omap1: ams-delta: remove camera leftovers (git-fixes).\n- ARM: OMAP1: clock: Fix UART rate reporting algorithm (git-fixes).\n- ARM: OMAP2+: adjust the location of put_device() call in omapdss_init_of (git-fixes).\n- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (git-fixes).\n- ARM: OMAP2+: hwmod: Add of_node_put() before break (git-fixes).\n- ARM: pxa: maybe fix gpio lookup tables (git-fixes).\n- ARM: socfpga: fix missing RESET_CONTROLLER (git-fixes).\n- ARM: Spectre-BHB: provide empty stub for non-config (git-fixes).\n- ARM: tegra: tamonten: Fix I2C3 pad setting (git-fixes).\n- ARM: vexpress/spc: Avoid negative array index when !SMP (git-fixes).\n- ASoC: amd: Fix reference to PCM buffer address (git-fixes).\n- ASoC: amd: vg: fix for pm resume callback sequence (git-fixes).\n- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).\n- ASoC: atmel-classd: Remove endianness flag on class d component (git-fixes).\n- ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe (git-fixes).\n- ASoC: atmel: Fix error handling in snd_proto_probe (git-fixes).\n- ASoC: atmel-pdmic: Remove endianness flag on pdmic component (git-fixes).\n- ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek (git-fixes).\n- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).\n- ASoC: codecs: Check for error pointer after calling devm_regmap_init_mmio (git-fixes).\n- ASoC: codecs: lpass-rx-macro: fix sidetone register offsets (git-fixes).\n- ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type (git-fixes).\n- ASoC: codecs: rx-macro: fix accessing compander for aux (git-fixes).\n- ASoC: codecs: va-macro: fix accessing array out of bounds for enum type (git-fixes).\n- ASoC: codecs: wc938x: fix accessing array out of bounds for enum type (git-fixes).\n- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).\n- ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use (git-fixes).\n- ASoC: codecs: wcd934x: fix kcontrol max values (git-fixes).\n- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).\n- ASoC: codecs: wcd938x: fix return value of mixer put function (git-fixes).\n- ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name (git-fixes).\n- ASoC: cs35l36: Update digital volume TLV (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: cs42l51: Correct minimum value for SX volume control (git-fixes).\n- ASoC: cs42l52: Correct TLV for Bypass Volume (git-fixes).\n- ASoC: cs42l52: Fix TLV scales for mixer controls (git-fixes).\n- ASoC: cs42l56: Correct typo in minimum level for SX volume controls (git-fixes).\n- ASoC: cs53l30: Correct number of volume levels on SX controls (git-fixes).\n- ASoC: da7219: Fix change notifications for tone generator frequency (git-fixes).\n- ASoC: dapm: Do not fold register value changes into notifications (git-fixes).\n- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dmaengine: Restore NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).\n- ASoC: es8328: Fix event generation for deemphasis control (git-fixes).\n- ASoC: fsi: Add check for clk_enable (git-fixes).\n- ASoC: fsl: Add missing error handling in pcm030_fabric_probe (git-fixes).\n- ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe (git-fixes).\n- ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (git-fixes).\n- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).\n- ASoC: fsl: Use dev_err_probe() helper (git-fixes).\n- ASoC: hdmi-codec: Fix OOB memory accesses (git-fixes).\n- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).\n- ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408 (git-fixes).\n- ASoC: intel: skylake: Set max DMA segment size (git-fixes).\n- ASoC: Intel: soc-acpi: correct device endpoints for max98373 (git-fixes).\n- ASoC: Intel: sof_sdw: fix quirks for 2022 HP Spectre x360 13\u0027 (git-fixes).\n- ASoC: madera: Add dependencies on MFD (git-fixes).\n- ASoC: max9759: fix underflow in speaker_gain_control_put() (git-fixes).\n- ASoC: max98090: Generate notifications on changes for custom control (git-fixes).\n- ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv() (git-fixes).\n- ASoC: max98090: Reject invalid values in custom control put() (git-fixes).\n- ASoC: max98357a: remove dependency on GPIOLIB (git-fixes).\n- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (git-fixes).\n- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (git-fixes).\n- ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (git-fixes).\n- ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe (git-fixes).\n- ASoC: mediatek: use of_device_get_match_data() (git-fixes).\n- ASoC: meson: Fix event generation for AUI ACODEC mux (git-fixes).\n- ASoC: meson: Fix event generation for AUI CODEC mux (git-fixes).\n- ASoC: meson: Fix event generation for G12A tohdmi mux (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).\n- ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component (git-fixes).\n- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).\n- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).\n- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (git-fixes).\n- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).\n- ASoC: nau8822: Add operation for internal PLL off and on (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Fix stereo change notifications in snd_soc_put_xr_sx() (git-fixes).\n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (git-fixes).\n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (git-fixes).\n- ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: ops: Validate input values in snd_soc_put_volsw_range() (git-fixes).\n- ASoC: qcom: Actually clear DMA interrupt register for HDMI (git-fixes).\n- ASoC: rk3328: fix disabling mclk on pclk probe failure (git-fixes).\n- ASoC: rk817: Fix missing clk_disable_unprepare() in rk817_platform_probe (git-fixes).\n- ASoC: rk817: Use devm_clk_get() in rk817_platform_probe (git-fixes).\n- ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in rockchip_i2s_probe (git-fixes).\n- ASoC: rsnd: care default case on rsnd_ssiu_busif_err_status_clear() (git-fixes).\n- ASoC: rsnd: care return value from rsnd_node_fixed_index() (git-fixes).\n- ASoC: rt1015p: remove dependency on GPIOLIB (git-fixes).\n- ASoC: rt5514: Fix event generation for \u0027DSP Voice Wake Up\u0027 control (git-fixes).\n- ASoC: rt5645: Fix errorenous cleanup order (git-fixes).\n- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).\n- ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- ASoC: samsung: Fix refcount leak in aries_audio_probe (git-fixes).\n- ASoC: samsung: Use dev_err_probe() helper (git-fixes).\n- ASoC: simple-card: fix probe failure on platform component (git-fixes).\n- ASoC: simple-card-utils: Set sysclk on all components (git-fixes).\n- ASoC: soc-compress: Change the check for codec_dai (git-fixes).\n- ASoC: soc-compress: prevent the potentially use of null pointer (git-fixes).\n- ASoC: soc-core: skip zero num_dai component in searching dai name (git-fixes).\n- ASoC: soc-dapm: fix two incorrect uses of list iterator (git-fixes).\n- ASoC: soc-ops: fix error handling (git-fixes).\n- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).\n- ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (git-fixes).\n- ASoC: SOF: hda: Set max DMA segment size (git-fixes).\n- ASoC: SOF: Intel: enable DMI L1 for playback streams (git-fixes).\n- ASoC: SOF: Intel: Fix build error without SND_SOC_SOF_PCI_DEV (git-fixes).\n- ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM (git-fixes).\n- ASoC: SOF: Intel: match sdw version on link_slaves_found (git-fixes).\n- ASoC: SOF: topology: remove redundant code (git-fixes).\n- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).\n- ASoC: tas2770: Insert post reset delay (git-fixes).\n- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).\n- ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* (git-fixes).\n- ASoC: topology: Allow TLV control to be either read or write (git-fixes).\n- ASoC: topology: Correct error handling in soc_tplg_dapm_widget_create() (git-fixes).\n- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).\n- ASoC: tscs454: Add endianness flag in snd_soc_component_driver (git-fixes).\n- ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (git-fixes).\n- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- ASoC: wm8958: Fix change notifications for DSP controls (git-fixes).\n- ASoC: wm8962: Fix suspend while playing music (git-fixes).\n- ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put() (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes (git-fixes).\n- assoc_array: Fix BUG_ON during garbage collect (git-fixes).\n- asus-wmi: Add dgpu disable method (bsc#1198058).\n- asus-wmi: Add egpu enable method (bsc#1198058).\n- asus-wmi: Add panel overdrive functionality (bsc#1198058).\n- asus-wmi: Add support for platform_profile (bsc#1198058).\n- ata: libata: add qc-\u003eflags in ata_qc_complete_template tracepoint (git-fixes).\n- ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs (git-fixes).\n- ata: libata-core: Disable TRIM on M88V29 (git-fixes).\n- ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (git-fixes).\n- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- ata: pata_hpt37x: fix PCI clock detection (git-fixes).\n- ata: pata_marvell: Check the \u0027bmdma_addr\u0027 beforing reading (git-fixes).\n- ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (git-fixes).\n- ata: sata_dwc_460ex: Fix crash due to OOB write (git-fixes).\n- ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).\n- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).\n- ath10k: skip ath10k_halt during suspend for driver state RESTARTING (git-fixes).\n- ath11k: acquire ab-\u003ebase_lock in unassign when finding the peer by addr (git-fixes).\n- ath11k: disable spectral scan during spectral deinit (git-fixes).\n- ath11k: Do not check arvif-\u003eis_started before sending management frames (git-fixes).\n- ath11k: fix kernel panic during unload/load ath11k modules (git-fixes).\n- ath11k: mhi: use mhi_sync_power_up() (git-fixes).\n- ath11k: pci: fix crash on suspend if board file is not found (git-fixes).\n- ath11k: set correct NL80211_FEATURE_DYNAMIC_SMPS for WCN6855 (git-fixes).\n- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).\n- ath9k: fix ar9003_get_eepmisc (git-fixes).\n- ath9k: fix QCA9561 PA bias level (git-fixes).\n- ath9k: Fix usage of driver-private space in tx_info (git-fixes).\n- ath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix (git-fixes).\n- ath9k_htc: fix uninit value bugs (git-fixes).\n- ath9k: Properly clear TX status area before reporting to mac80211 (git-fixes).\n- atl1c: fix tx timeout after link flap on Mikrotik 10/25G NIC (git-fixes).\n- atm: eni: Add check for dma_map_single (git-fixes).\n- atm: firestream: check the return value of ioremap() in fs_init() (git-fixes).\n- atomics: Fix atomic64_{read_acquire,set_release} fallbacks (git-fixes).\n- audit: ensure userspace is penalized the same as the kernel when under pressure (git-fixes).\n- audit: improve audit queue handling when \u0027audit=1\u0027 on cmdline (git-fixes).\n- audit: improve robustness of the audit queue handling (git-fixes).\n- auxdisplay: lcd2s: Fix lcd2s_redefine_char() feature (git-fixes).\n- auxdisplay: lcd2s: Fix memory leak in -\u003eremove() (git-fixes).\n- auxdisplay: lcd2s: Use proper API to free the instance of charlcd object (git-fixes).\n- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).\n- ax25: improve the incomplete fix to avoid UAF and NPD bugs (git-fixes).\n- b43: Fix assigning negative value to unsigned variable (git-fixes).\n- b43legacy: Fix assigning negative value to unsigned variable (git-fixes).\n- bareudp: use ipv6_mod_enabled to check if IPv6 enabled (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Do not skb_split skbuffs with frag_list (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- bcache: avoid journal no-space deadlock by reserving 1 journal bucket (git-fixes).\n- bcache: avoid unnecessary soft lockup in kworker update_writeback_rate() (bsc#1197362).\n- bcache: fixup multiple threads crash (git-fixes).\n- bcache: fix use-after-free problem in bcache_device_free() (git-fixes).\n- bcache: improve multithreaded bch_btree_check() (git-fixes).\n- bcache: improve multithreaded bch_sectors_dirty_init() (git-fixes).\n- bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() (git-fixes).\n- bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() (git-fixes).\n- bfq: Allow current waker to defend against a tentative one (bsc#1195915).\n- bfq: Avoid false marking of bic as stably merged (bsc#1197926).\n- bfq: Avoid merging queues with different parents (bsc#1197926).\n- bfq: Do not let waker requests skip proper accounting (bsc#1184318).\n- bfq: Drop pointless unlock-lock pair (bsc#1197926).\n- bfq: Fix warning in bfqq_request_over_limit() (bsc#1200812).\n- bfq: Get rid of __bio_blkcg() usage (bsc#1197926).\n- bfq: Limit number of requests consumed by each cgroup (bsc#1184318).\n- bfq: Limit waker detection in time (bsc#1184318).\n- bfq: Make sure bfqg for which we are queueing requests is online (bsc#1197926).\n- bfq: Relax waker detection for shared queues (bsc#1184318).\n- bfq: Remove pointless bfq_init_rq() calls (bsc#1197926).\n- bfq: Split shared queues on move between cgroups (bsc#1197926).\n- bfq: Store full bitmap depth in bfq_data (bsc#1184318).\n- bfq: Track number of allocated requests in bfq_entity (bsc#1184318).\n- bfq: Track whether bfq_group is still online (bsc#1197926).\n- bfq: Update cgroup information before merging bio (bsc#1197926).\n- binfmt_flat: do not stop relocating GOT entries prematurely on riscv (git-fixes).\n- bitfield: add explicit inclusions to the example (git-fixes).\n- blkcg: Remove extra blkcg_bio_issue_init (bsc#1194585).\n- blk-cgroup: move blkcg_{get,set}_fc_appid out of line (bsc#1200045).\n- blk-cgroup: set blkg iostat after percpu stat aggregation (bsc#1198018).\n- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (bsc#1200825).\n- blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() (bsc#1198034).\n- blk-mq: do not touch -\u003etagset in blk_mq_get_sq_hctx (bsc#1200824).\n- blk-mq: do not update io_ticks with passthrough requests (bsc#1200816).\n- blk-mq: fix tag_get wait task can\u0027t be awakened (bsc#1200263).\n- blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#1200263).\n- blktrace: fix use after free for struct blk_trace (bsc#1198017).\n- block: assign bi_bdev for cloned bios in blk_rq_prep_clone (bsc#1198016).\n- block: avoid to quiesce queue in elevator_init_mq (bsc#1198013).\n- block, bfq: fix UAF problem in bfqg_stats_init() (bsc#1194583).\n- block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes).\n- block: Check ADMIN before NICE for IOPRIO_CLASS_RT (bsc#1198012).\n- block: do not delete queue kobject before its children (bsc#1198019).\n- block: do not merge across cgroup boundaries if blkcg is enabled (bsc#1198020).\n- block: fix async_depth sysfs interface for mq-deadline (bsc#1198015).\n- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (bsc#1200259).\n- block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (git-fixes).\n- block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586).\n- block: Fix the maximum minor value is blk_alloc_ext_minor() (bsc#1198021).\n- block: Fix up kabi after blkcg merge fix (bsc#1198020).\n- block: Hold invalidate_lock in BLKRESETZONE ioctl (bsc#1198010).\n- block: limit request dispatch loop duration (bsc#1198022).\n- block/mq-deadline: Improve request accounting further (bsc#1198009).\n- block: Provide blk_mq_sched_get_icq() (bsc#1184318).\n- block: update io_ticks when io hang (bsc#1197817).\n- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).\n- Bluetooth: btintel: Fix WBS setting for Intel legacy ROM products (git-fixes).\n- Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (git-fixes).\n- Bluetooth: btusb: Add another Realtek 8761BU (git-fixes).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- Bluetooth: btusb: Add one more Bluetooth part for the Realtek RTL8852AE (git-fixes).\n- Bluetooth: btusb: Whitespace fixes for btusb_setup_csr() (git-fixes).\n- Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed (git-fixes).\n- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (git-fixes).\n- Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg} (git-fixes).\n- Bluetooth: Fix the creation of hdev-\u003ename (git-fixes).\n- Bluetooth: Fix use after free in hci_send_acl (git-fixes).\n- Bluetooth: hci_qca: Use del_timer_sync() before freeing (git-fixes).\n- Bluetooth: hci_serdev: call init_rwsem() before p-\u003eopen() (git-fixes).\n- Bluetooth: use hdev lock for accept_list and reject_list in conn req (git-fixes).\n- Bluetooth: use hdev lock in activate_scan for hci_is_adv_monitoring (git-fixes).\n- Bluetooth: use memset avoid memory leaks (git-fixes).\n- bnx2x: fix napi API usage sequence (bsc#1198217).\n- bnxt_en: Do not destroy health reporters during reset (bsc#1199736).\n- bnxt_en: Eliminate unintended link toggle during FW reset (bsc#1199736).\n- bnxt_en: Fix active FEC reporting to ethtool (git-fixes).\n- bnxt_en: Fix devlink fw_activate (jsc#SLE-18978).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag (git-fixes).\n- bnxt_en: Fix unnecessary dropping of RX packets (git-fixes).\n- bnxt_en: Increase firmware message response DMA wait time (git-fixes).\n- bnxt_en: Prevent XDP redirect from running when stopping TX queue (git-fixes).\n- bnxt_en: reserve space inside receive page for skb_shared_info (git-fixes).\n- bnxt_en: Restore the resets_reliable flag in bnxt_open() (jsc#SLE-18978).\n- bnxt_en: Synchronize tx when xdp redirects happen on same ring (git-fixes).\n- bonding: fix data-races around agg_select_timer (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- bonding: pair enable_port with slave_arr_updates (git-fixes).\n- bpf: Add check_func_arg_reg_off function (git-fixes).\n- bpf: add config to allow loading modules with BTF mismatches (bsc#1194501).\n- bpf: Avoid races in __bpf_prog_run() for 32bit arches (git-fixes).\n- bpf: Disallow negative offset in check_ptr_off_reg (git-fixes).\n- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).\n- bpf: Fix kernel address leakage in atomic cmpxchg\u0027s r0 aux reg (git-fixes).\n- bpf: Fix PTR_TO_BTF_ID var_off check (git-fixes).\n- bpf: Fix UAF due to race between btf_try_get_module and load_module (git-fixes).\n- bpf: Mark PTR_TO_FUNC register initially with zero offset (git-fixes).\n- bpf: Resolve to prog-\u003eaux-\u003edst_prog-\u003etype only for BPF_PROG_TYPE_EXT (git-fixes).\n- bpf: selftests: adapt bpf_iter_task_vma to get_inode_dev() (bsc#927455 bsc#1198585).\n- bpf, selftests: Fix racing issue in btf_skc_cls_ingress test (git-fixes).\n- bpf, selftests: Update test case for atomic cmpxchg on r0 with pointer (git-fixes).\n- bpftool: Fix memory leak in prog_dump() (git-fixes).\n- bpftool: Remove inclusion of utilities.mak from Makefiles (git-fixes).\n- bpftool: Remove unused includes to bpf/bpf_gen_internal.h (git-fixes).\n- bpftool: Remove useless #include to perf-sys.h from map_perf_ring.c (git-fixes).\n- brcmfmac: firmware: Allocate space for default boardrev in nvram (git-fixes).\n- brcmfmac: firmware: Fix crash in brcm_alt_fw_path (git-fixes).\n- brcmfmac: pcie: Declare missing firmware files in pcie.c (git-fixes).\n- brcmfmac: pcie: Fix crashes due to early IRQs (git-fixes).\n- brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path (git-fixes).\n- brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio (git-fixes).\n- brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant (git-fixes).\n- btrfs: add a BTRFS_FS_ERROR helper (bsc#1197915).\n- btrfs: add btrfs_set_item_*_nr() helpers (bsc#1197915).\n- btrfs: add helper to truncate inode items when logging inode (bsc#1197915).\n- btrfs: add missing run of delayed items after unlink during log replay (bsc#1197915).\n- btrfs: add ro compat flags to inodes (bsc#1197915).\n- btrfs: always update the logged transaction when logging new names (bsc#1197915).\n- btrfs: assert that extent buffers are write locked instead of only locked (bsc#1197915).\n- btrfs: avoid attempt to drop extents when logging inode for the first time (bsc#1197915).\n- btrfs: avoid expensive search when dropping inode items from log (bsc#1197915).\n- btrfs: avoid expensive search when truncating inode items from the log (bsc#1197915).\n- btrfs: Avoid live-lock in search_ioctl() on hardware with sub-page (git-fixes)\n- btrfs: avoid search for logged i_size when logging inode if possible (bsc#1197915).\n- btrfs: avoid unnecessarily logging directories that had no changes (bsc#1197915).\n- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1197915).\n- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1197915).\n- btrfs: change error handling for btrfs_delete_*_in_log (bsc#1197915).\n- btrfs: change handle_fs_error in recover_log_trees to aborts (bsc#1197915).\n- btrfs: check if a log tree exists at inode_logged() (bsc#1197915).\n- btrfs: constify and cleanup variables in comparators (bsc#1197915).\n- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1197915).\n- btrfs: do not log new dentries when logging that a new name exists (bsc#1197915).\n- btrfs: do not pin logs too early during renames (bsc#1197915).\n- btrfs: drop the _nr from the item helpers (bsc#1197915).\n- btrfs: eliminate some false positives when checking if inode was logged (bsc#1197915).\n- btrfs: factor out the copying loop of dir items from log_dir_items() (bsc#1197915).\n- btrfs: fix lost prealloc extents beyond eof after full fsync (bsc#1197915).\n- btrfs: fix lzo_decompress_bio() kmap leakage (bsc#1193852).\n- btrfs: fix memory leak in __add_inode_ref() (bsc#1197915).\n- btrfs: fix missing last dir item offset update when logging directory (bsc#1197915).\n- btrfs: fix re-dirty process of tree-log nodes (bsc#1197915).\n- btrfs: improve the batch insertion of delayed items (bsc#1197915).\n- btrfs: insert items in batches when logging a directory when possible (bsc#1197915).\n- btrfs: introduce btrfs_lookup_match_dir (bsc#1197915).\n- btrfs: introduce item_nr token variant helpers (bsc#1197915).\n- btrfs: keep track of the last logged keys when logging a directory (bsc#1197915).\n- btrfs: loop only once over data sizes array when inserting an item batch (bsc#1197915).\n- btrfs: make btrfs_file_extent_inline_item_len take a slot (bsc#1197915).\n- btrfs: only copy dir index keys when logging a directory (bsc#1197915).\n- btrfs: remove no longer needed checks for NULL log context (bsc#1197915).\n- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1197915).\n- btrfs: remove no longer needed logic for replaying directory deletes (bsc#1197915).\n- btrfs: remove redundant log root assignment from log_dir_items() (bsc#1197915).\n- btrfs: remove root argument from add_link() (bsc#1197915).\n- btrfs: remove root argument from btrfs_log_inode() and its callees (bsc#1197915).\n- btrfs: remove root argument from btrfs_unlink_inode() (bsc#1197915).\n- btrfs: remove root argument from check_item_in_log() (bsc#1197915).\n- btrfs: remove root argument from drop_one_dir_item() (bsc#1197915).\n- btrfs: remove the btrfs_item_end() helper (bsc#1197915).\n- btrfs: remove unnecessary list head initialization when syncing log (bsc#1197915).\n- btrfs: remove unneeded return variable in btrfs_lookup_file_extent (bsc#1197915).\n- btrfs: rename btrfs_item_end_nr to btrfs_item_data_end (bsc#1197915).\n- btrfs: stop doing GFP_KERNEL memory allocations in the ref verify tool (bsc#1197915).\n- btrfs: unexport setup_items_for_insert() (bsc#1197915).\n- btrfs: unify lookup return value when dir entry is missing (bsc#1197915).\n- btrfs: update comment at log_conflicting_inodes() (bsc#1197915).\n- btrfs: use btrfs_item_size_nr/btrfs_item_offset_nr everywhere (bsc#1197915).\n- btrfs: use btrfs_next_leaf instead of btrfs_next_item when slots \u003e nritems (bsc#1197915).\n- btrfs: use single bulk copy operations when logging directories (bsc#1197915).\n- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (git-fixes).\n- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (git-fixes).\n- bus: ti-sysc: Fix warnings for unbind for serial (git-fixes).\n- bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific (git-fixes).\n- caif_virtio: fix race between virtio_device_ready() and ndo_open() (git-fixes).\n- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: etas_es58x: change opened_channel_cnt\u0027s type from atomic_t to u8 (git-fixes).\n- can: etas_es58x: es58x_fd_rx_event_msg(): initialize rx_event_msg before calling es58x_check_msg_len() (git-fixes).\n- can: grcan: grcan_close(): fix deadlock (git-fixes).\n- can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (git-fixes).\n- can: grcan: only use the NAPI poll budget for RX (git-fixes).\n- can: grcan: use ofdev-\u003edev when allocating DMA memory (git-fixes).\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- can: isotp: fix error path in isotp_sendmsg() to unlock wait queue (git-fixes).\n- can: isotp: fix potential CAN frame reception race in isotp_rcv() (git-fixes).\n- can: isotp: restore accidentally removed MSG_PEEK feature (git-fixes).\n- can: isotp: return -EADDRNOTAVAIL when reading from unbound socket (git-fixes).\n- can: isotp: set default value for N_As to 50 micro seconds (git-fixes).\n- can: isotp: stop timeout monitoring when no first frame was sent (git-fixes).\n- can: isotp: support MSG_TRUNC flag when reading from socket (git-fixes).\n- can: m_can: m_can_tx_handler(): fix use after free of skb (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).\n- can: mcba_usb: properly check endpoint type (git-fixes).\n- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix return of error value (git-fixes).\n- can: mcp251xfd: silence clang\u0027s -Wunaligned-access warning (git-fixes).\n- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).\n- can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: xilinx_can: mark bit timing constants as const (git-fixes).\n- carl9170: fix missing bit-wise or operator for tx_params (git-fixes).\n- carl9170: tx: fix an incorrect use of list iterator (git-fixes).\n- CDC-NCM: avoid overflow in sanity checking (git-fixes).\n- ceph: fix setting of xattrs on async created inodes (bsc#1199611).\n- certs/blacklist_hashes.c: fix const confusion in certs blacklist (git-fixes).\n- cfg80211: declare MODULE_FIRMWARE for regulatory.db (git-fixes).\n- cfg80211: do not add non transmitted BSS to 6GHz scanned channels (git-fixes).\n- cfg80211: fix race in netlink owner interface destruction (git-fixes).\n- cfg80211: hold bss_lock while updating nontrans_list (git-fixes).\n- cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug (bsc#1196869).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (bsc#1199839).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- char: tpm: cr50_i2c: Suppress duplicated error message in .remove() (git-fixes).\n- char: xillybus: fix a refcount leak in cleanup_dev() (git-fixes).\n- cifs: add WARN_ON for when chan_count goes below minimum (bsc#1193629).\n- cifs: adjust DebugData to use chans_need_reconnect for conn status (bsc#1193629).\n- cifs: alloc_path_with_tree_prefix: do not append sep. if the path is empty (bsc#1193629).\n- cifs: avoid parallel session setups on same channel (bsc#1193629).\n- cifs: avoid race during socket reconnect between send and recv (bsc#1193629).\n- cifs: call cifs_reconnect when a connection is marked (bsc#1193629).\n- cifs: call helper functions for marking channels for reconnect (bsc#1193629).\n- cifs: change smb2_query_info_compound to use a cached fid, if available (bsc#1193629).\n- cifs: check for smb1 in open_cached_dir() (bsc#1193629).\n- cifs: check reconnects for channels of active tcons too (bsc#1193629).\n- cifs: Check the IOCB_DIRECT flag, not O_DIRECT (bsc#1193629).\n- cifs: cifs_ses_mark_for_reconnect should also update reconnect bits (bsc#1193629).\n- cifs: clean up an inconsistent indenting (bsc#1193629).\n- cifs: convert the path to utf16 in smb2_query_info_compound (bsc#1193629).\n- cifs: destage any unwritten data to the server before calling copychunk_write (bsc#1193629).\n- cifs: do not build smb1ops if legacy support is disabled (bsc#1193629).\n- cifs: do not call cifs_dfs_query_info_nonascii_quirk() if nodfs was set (bsc#1193629).\n- cifs: do not skip link targets when an I/O fails (bsc#1194625).\n- cifs: do not use tcpStatus after negotiate completes (bsc#1193629).\n- cifs: do not use uninitialized data in the owner/group sid (bsc#1193629).\n- cifs: fix bad fids sent over wire (bsc#1197157).\n- cifs: fix confusing unneeded warning message on smb2.1 and earlier (bsc#1193629).\n- cifs: fix double free race when mount fails in cifs_get_root() (bsc#1193629).\n- cifs: fix FILE_BOTH_DIRECTORY_INFO definition (bsc#1193629).\n- cifs: fix handlecache and multiuser (bsc#1193629).\n- cifs: fix hang on cifs_get_next_mid() (bsc#1193629).\n- cifs: fix incorrect use of list iterator after the loop (bsc#1193629).\n- cifs: fix minor compile warning (bsc#1193629).\n- cifs: fix NULL ptr dereference in refresh_mounts() (bsc#1193629).\n- cifs: fix potential deadlock in direct reclaim (bsc#1193629).\n- cifs: fix potential double free during failed mount (bsc#1193629).\n- cifs: fix potential race with cifsd thread (bsc#1193629).\n- cifs: fix set of group SID via NTSD xattrs (bsc#1193629).\n- cifs: fix signed integer overflow when fl_end is OFFSET_MAX (bsc#1193629).\n- cifs: Fix smb311_update_preauth_hash() kernel-doc comment (bsc#1193629).\n- cifs: fix the cifs_reconnect path for DFS (bsc#1193629).\n- cifs: fix the connection state transitions with multichannel (bsc#1193629).\n- cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share (bsc#1193629).\n- cifs: fix workstation_name for multiuser mounts (bsc#1193629).\n- cifs: force new session setup and tcon for dfs (bsc#1193629).\n- cifs: free ntlmsspblob allocated in negotiate (bsc#1193629).\n- cifs: maintain a state machine for tcp/smb/tcon sessions (bsc#1193629).\n- cifs: make status checks in version independent callers (bsc#1193629).\n- cifs: mark sessions for reconnection in helper function (bsc#1193629).\n- cifs: modefromsids must add an ACE for authenticated users (bsc#1193629).\n- cifs: move definition of cifs_fattr earlier in cifsglob.h (bsc#1193629).\n- cifs: move superblock magic defitions to magic.h (bsc#1193629).\n- cifs: potential buffer overflow in handling symlinks (bsc#1193629).\n- cifs: print TIDs as hex (bsc#1193629).\n- cifs: protect all accesses to chan_* with chan_lock (bsc#1193629).\n- cifs: quirk for STATUS_OBJECT_NAME_INVALID returned for non-ASCII dfs refs (bsc#1193629).\n- cifs: reconnect only the connection and not smb session where possible (bsc#1193629).\n- cifs: release cached dentries only if mount is complete (bsc#1193629).\n- cifs: remove check of list iterator against head past the loop body (bsc#1193629).\n- cifs: remove redundant assignment to pointer p (bsc#1193629).\n- cifs: remove repeated debug message on cifs_put_smb_ses() (bsc#1193629).\n- cifs: remove repeated state change in dfs tree connect (bsc#1193629).\n- cifs: remove unused variable ses_selected (bsc#1193629).\n- cifs: return ENOENT for DFS lookup_cache_entry() (bsc#1193629).\n- cifs: return the more nuanced writeback error on close() (bsc#1193629).\n- cifs: serialize all mount attempts (bsc#1193629).\n- cifs: set the CREATE_NOT_FILE when opening the directory in use_cached_dir() (bsc#1193629).\n- cifs: skip trailing separators of prefix paths (bsc#1193629).\n- cifs: smbd: fix typo in comment (bsc#1193629).\n- cifs: Split the smb3_add_credits tracepoint (bsc#1193629).\n- cifs: take cifs_tcp_ses_lock for status checks (bsc#1193629).\n- cifs: track individual channel status using chans_need_reconnect (bsc#1193629).\n- cifs: unlock chan_lock before calling cifs_put_tcp_session (bsc#1193629).\n- cifs: update internal module number (bsc#1193629).\n- cifs: update tcpStatus during negotiate and sess setup (bsc#1193629).\n- cifs: use a different reconnect helper for non-cifsd threads (bsc#1193629).\n- cifs: use correct lock type in cifs_reconnect() (bsc#1193629).\n- cifs: Use kzalloc instead of kmalloc/memset (bsc#1193629).\n- cifs: use new enum for ses_status (bsc#1193629).\n- cifs: use the chans_need_reconnect bitmap for reconnect status (bsc#1193629).\n- cifs: verify that tcon is valid before dereference in cifs_kill_sb (bsc#1193629).\n- cifs: version operations for smb20 unneeded when legacy support disabled (bsc#1193629).\n- cifs: we do not need a spinlock around the tree access during umount (bsc#1193629).\n- cifs: when extending a file with falloc we should make files not-sparse (bsc#1193629).\n- cifs: writeback fix (bsc#1193629).\n- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: at91: generated: consider range when calculating best rate (git-fixes).\n- clk: at91: sama7g5: fix parents of PDMCs\u0027 GCLK (git-fixes).\n- clk: bcm2835: fix bcm2835_clock_choose_div (git-fixes).\n- clk: bcm2835: Remove unused variable (git-fixes).\n- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: Enforce that disjoints limits are invalid (git-fixes).\n- clk: Fix clk_hw_get_clk() when dev is NULL (git-fixes).\n- clk: hisilicon: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).\n- clk: imx8mp: fix usb_root_clk parent (git-fixes).\n- clk: imx: Add check for kcalloc (git-fixes).\n- clk: imx: off by one in imx_lpcg_parse_clks_from_dt() (git-fixes).\n- clk: imx: scu: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).\n- clk: Initialize orphan req_rate (git-fixes).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: nxp: Remove unused variable (git-fixes).\n- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).\n- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).\n- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).\n- clk: qcom: ipq8074: fix PCI-E clock oops (git-fixes).\n- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).\n- clk: renesas: r9a06g032: Fix the RTC hclock description (git-fixes).\n- clk: rockchip: drop CLK_SET_RATE_PARENT from dclk_vop* on rk3568 (git-fixes).\n- clk: si5341: fix reported clk_rate when output divider is 2 (git-fixes).\n- clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (git-fixes).\n- clk: tegra: Add missing reset deassertion (git-fixes).\n- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).\n- clk: ti: Preserve node in ti_dt_clocks_register() (git-fixes).\n- clk: uniphier: Fix fixed-rate initialization (git-fixes).\n- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).\n- clocksource/drivers/exynos_mct: Handle DTS with higher number of interrupts (git-fixes).\n- clocksource/drivers/exynos_mct: Refactor resources allocation (git-fixes).\n- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (git-fixes).\n- clocksource/drivers/sp804: Avoid error on multiple instances (git-fixes).\n- clocksource/drivers/timer-microchip-pit64b: Use notrace (git-fixes).\n- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).\n- clocksource/drivers/timer-ti-dm: Fix regression from errata i940 fix (git-fixes).\n- clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() (bsc#1201218).\n- comedi: drivers: ni_routes: Use strcmp() instead of memcmp() (git-fixes).\n- comedi: vmk80xx: fix expression for tx buffer size (git-fixes).\n- copy_process(): Move fd_install() out of sighand-\u003esiglock critical section (bsc#1199626).\n- cpufreq-fix-memory-leak-in-sun50i_cpufreq_nvmem_prob.patch: (git-fixes).\n- cpufreq: intel_pstate: Add Ice Lake server to out-of-band IDs (bsc#1201228).\n- cpufreq: qcom-cpufreq-nvmem: fix reading of PVS Valid fuse (git-fixes).\n- cpuidle,intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE (git-fixes).\n- cpuidle: intel_idle: Update intel_idle() kerneldoc comment (git-fixes).\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- crypto: amlogic - call finalize with bh disabled (git-fixes).\n- crypto: api - Move cryptomgr soft dependency into algapi (git-fixes).\n- crypto: arm/aes-neonbs-cbc - Select generic cbc and aes (git-fixes).\n- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).\n- crypto: caam - fix i.MX6SX entropy delay value (git-fixes).\n- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).\n- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).\n- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).\n- crypto: ccree - Fix use after free in cc_cipher_exit() (git-fixes).\n- crypto: ccree - use fine grained DMA mapping dir (git-fixes).\n- crypto: cryptd - Protect per-CPU resource by disabling BH (git-fixes).\n- crypto: ecrdsa - Fix incorrect use of vli_cmp (git-fixes).\n- crypto: engine - check if BH is disabled during completion (git-fixes).\n- crypto: gemini - call finalize with bh disabled (git-fixes).\n- crypto: hisilicon/qm - cleanup warning in qm_vf_read_qos (git-fixes).\n- crypto: hisilicon/sec - fix the aead software fallback for engine (git-fixes).\n- crypto: hisilicon/sec - not need to enable sm4 extra mode at HW V3 (git-fixes).\n- crypto: marvell/cesa - ECB does not IV (git-fixes).\n- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).\n- crypto: octeontx2 - remove CONFIG_DM_CRYPT check (git-fixes).\n- crypto: qat - disable registration of algorithms (git-fixes).\n- crypto: qat - do not cast parameter in bit operations (git-fixes).\n- crypto: qcom-rng - ensure buffer for generate is completely filled (git-fixes).\n- crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ (git-fixes).\n- crypto: rockchip - ECB does not need IV (git-fixes).\n- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).\n- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).\n- crypto: rsa-pkcs1pad - only allow with rsa (git-fixes).\n- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).\n- crypto: stm32 - fix reference leak in stm32_crc_remove (git-fixes).\n- crypto: sun8i-ce - call finalize with bh disabled (git-fixes).\n- crypto: sun8i-ss - call finalize with bh disabled (git-fixes).\n- crypto: sun8i-ss - handle zero sized sg (git-fixes).\n- crypto: sun8i-ss - really disable hash on A80 (git-fixes).\n- crypto: sun8i-ss - rework handling of IV (git-fixes).\n- crypto: vmx - add missing dependencies (git-fixes).\n- crypto: x86/chacha20 - Avoid spurious jumps to other functions (git-fixes).\n- crypto: x86 - eliminate anonymous module_init and module_exit (git-fixes).\n- crypto: xts - Add softdep on ecb (git-fixes).\n- dax: fix cache flush on PMD-mapped pages (bsc#1200830).\n- devlink: Add \u0027enable_iwarp\u0027 generic device param (bsc#1200502).\n- dim: initialize all struct fields (git-fixes).\n- display/amd: decrease message verbosity about watermarks table failure (git-fixes).\n- dma: at_xdmac: fix a missing check on list iterator (git-fixes).\n- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace (git-fixes).\n- dma-buf: heaps: Fix potential spectre v1 gadget (git-fixes).\n- dma-debug: fix return value of __setup handlers (git-fixes).\n- dma-direct: avoid redundant memory sync for swiotlb (git-fixes).\n- dmaengine: dw-edma: Fix unaligned 64bit access (git-fixes).\n- dmaengine: hisi_dma: fix MSI allocate fail when reload hisi_dma (git-fixes).\n- dmaengine: idxd: add missing callback function to support DMA_INTERRUPT (git-fixes).\n- dmaengine: idxd: add RO check for wq max_batch_size write (git-fixes).\n- dmaengine: idxd: add RO check for wq max_transfer_size write (git-fixes).\n- dmaengine: idxd: check GENCAP config support for gencfg register (git-fixes).\n- dmaengine: idxd: fix device cleanup on disable (git-fixes).\n- dmaengine: idxd: Fix the error handling path in idxd_cdev_register() (git-fixes).\n- dmaengine: idxd: restore traffic class defaults after wq reset (git-fixes).\n- dmaengine: idxd: set DMA_INTERRUPT cap bit (git-fixes).\n- dmaengine: idxd: skip clearing device context when device is read-only (git-fixes).\n- dmaengine: imx-sdma: Fix error checking in sdma_event_remap (git-fixes).\n- dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources (git-fixes).\n- dmaengine: ptdma: fix concurrency issue with multiple dma transfer (jsc#SLE-21315).\n- dmaengine: ptdma: Fix the error handling path in pt_core_init() (git-fixes).\n- dmaengine: ptdma: handle the cases based on DMA is complete (jsc#SLE-21315).\n- dmaengine: Revert \u0027dmaengine: shdma: Fix runtime PM imbalance on error\u0027 (git-fixes).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- dmaengine: sh: rcar-dmac: Check for error num after dma_set_max_seg_size (git-fixes).\n- dmaengine: sh: rcar-dmac: Check for error num after setting mask (git-fixes).\n- dmaengine: stm32-dmamux: Fix PM disable depth imbalance in stm32_dmamux_probe (git-fixes).\n- dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() (git-fixes).\n- dmaengine: stm32-mdma: remove GISR1 register (git-fixes).\n- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (git-fixes).\n- dma-mapping: remove bogus test for pfn_valid from dma_map_resource (git-fixes).\n- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).\n- dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).\n- dm: fix use-after-free in dm_cleanup_zoned_dev() (git-fixes).\n- dm integrity: fix error code in dm_integrity_ctr() (git-fixes).\n- dm integrity: set journal entry unused when shrinking device (git-fixes).\n- dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).\n- dm mpath: only use ktime_get_ns() in historical selector (git-fixes).\n- dm verity: set DM_TARGET_IMMUTABLE feature flag (git-fixes).\n- doc/ip-sysctl: add bc_forwarding (git-fixes).\n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (git-fixes).\n- Documentation: add link to stable release candidate tree (git-fixes).\n- Documentation: dd: Use ReST lists for return values of driver_deferred_probe_check_state() (git-fixes).\n- Documentation: Fix duplicate statement about raw_spinlock_t type (git-fixes).\n- Documentation: update stable tree link (git-fixes).\n- do not call utsname() after -\u003ensproxy is NULL (bsc#1201196).\n- drbd: fix an invalid memory access caused by incorrect use of list iterator (git-fixes).\n- drbd: fix duplicate array initializer (git-fixes).\n- drbd: Fix five use after free bugs in get_initial_state (git-fixes).\n- drbd: remove assign_p_sizes_qlim (git-fixes).\n- drbd: use bdev_alignment_offset instead of queue_alignment_offset (git-fixes).\n- drbd: use bdev based limit helpers in drbd_send_sizes (git-fixes).\n- driver base: fix an unlikely reference counting issue in __add_memory_block() (git-fixes).\n- driver base: fix compaction sysfs file leak (git-fixes).\n- driver: base: fix UAF when driver_attach failed (git-fixes).\n- driver core: dd: fix return value of __setup handler (git-fixes).\n- driver core: fix deadlock in __device_attach (git-fixes).\n- driver core: Fix wait_for_device_probe() and deferred_probe_timeout interaction (git-fixes).\n- driver core: Free DMA range map when device is released (git-fixes).\n- driver: hv: Compare cpumasks and not their weights in init_vp_index() (git-fixes).\n- driver: hv: log when enabling crash_kexec_post_notifiers (git-fixes).\n- driver: hv: Rename \u0027alloced\u0027 to \u0027allocated\u0027 (git-fixes).\n- driver: hv: utils: Make use of the helper macro LIST_HEAD() (git-fixes).\n- driver: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (git-fixes).\n- driver: hv: vmbus: Fix potential crash on module unload (git-fixes).\n- driver: hv: vmbus: Use struct_size() helper in kmalloc() (git-fixes).\n- driver: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers (git-fixes).\n- driver: net: xgene: Fix regression in CRC stripping (git-fixes).\n- drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c (git-fixes).\n- drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit (git-fixes).\n- drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle() (git-fixes).\n- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (git-fixes).\n- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (git-fixes).\n- drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() (git-fixes).\n- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (git-fixes).\n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).\n- drm: add a locked version of drm_is_current_master (git-fixes).\n- drm: Add orientation quirk for GPD Win Max (git-fixes).\n- drm/amd: Add USBC connector ID (git-fixes).\n- drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (git-fixes).\n- drm/amd: avoid suspend on dGPUs w/ s2idle support when runtime PM enabled (git-fixes).\n- drm/amd: Check if ASPM is enabled from PCIe subsystem (git-fixes).\n- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).\n- drm/amd/display: Add pstate verification and recovery for DCN31 (git-fixes).\n- drm/amd/display: Add signal type check when verify stream backends same (git-fixes).\n- drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT (git-fixes).\n- drm/amd/display: Cap OLED brightness per max frame-average luminance (git-fixes).\n- drm/amd/display: Cap pflip irqs per max otg number (git-fixes).\n- drm/amd/display: Check if modulo is 0 before dividing (git-fixes).\n- drm/amd/display: DCN3.1: do not mark as kernel-doc (git-fixes).\n- drm/amd/display: Disabling Z10 on DCN31 (git-fixes).\n- drm/amd/display: do not ignore alpha property on pre-multiplied mode (git-fixes).\n- drm/amd/display: Do not reinitialize DMCUB on s0ix resume (git-fixes).\n- drm/amd/display: Enable power gating before init_pipes (git-fixes).\n- drm/amd/display: FEC check in timing validation (git-fixes).\n- drm/amd/display: Fix allocate_mst_payload assert on resume (git-fixes).\n- drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (git-fixes).\n- drm/amd/display: fix audio format not updated after edid updated (git-fixes).\n- drm/amd/display: Fix memory leak (git-fixes).\n- drm/amd/display: Fix memory leak in dcn21_clock_source_create (bsc#1190786)\n- drm/amd/display: Fix OLED brightness control on eDP (git-fixes).\n- drm/amd/display: Fix p-state allow debug index on dcn31 (git-fixes).\n- drm/amd/display: fix yellow carp wm clamping (git-fixes).\n- drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15\u0027 Apple Retina panels (git-fixes).\n- drm/amd/display: For vblank_disable_immediate, check PSR is really used (git-fixes).\n- drm/amd/display: Protect update_bw_bounding_box FPU code (git-fixes).\n- drm/amd/display: Read Golden Settings Table from VBIOS (git-fixes).\n- drm/amd/display: Remove vupdate_int_entry definition (git-fixes).\n- drm/amd/display: Revert FEC check in validation (git-fixes).\n- drm/amd/display: Update VTEM Infopacket definition (git-fixes).\n- drm/amd/display: Update watermark values for DCN301 (git-fixes).\n- drm/amd/display: Use adjusted DCN301 watermarks (git-fixes).\n- drm/amd/display: Use PSR version selected during set_psr_caps (git-fixes).\n- drm/amd/display: watermark latencies is not enough on DCN31 (git-fixes).\n- drm/amdgpu: add beige goby PCI ID (git-fixes).\n- drm/amdgpu: bypass tiling flag check in virtual display case (v2) (git-fixes).\n- drm/amdgpu: check vm ready by amdgpu_vm-\u003eevicting flag (git-fixes).\n- drm/amdgpu: conduct a proper cleanup of PDB bo (git-fixes).\n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (git-fixes).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/amdgpu/display: add support for multiple backlights (git-fixes).\n- drm/amdgpu: do not do resets on APUs which do not support it (git-fixes).\n- drm/amdgpu: do not enable asic reset for raven2 (git-fixes).\n- drm/amdgpu: do not set s3 and s0ix at the same time (git-fixes).\n- drm/amdgpu: do not use BACO for reset in S3 (git-fixes).\n- drm/amdgpu: do not use passthrough mode in Xen dom0 (git-fixes).\n- drm/amdgpu: Drop inline from amdgpu_ras_eeprom_max_record_count (git-fixes).\n- drm/amdgpu: Enable gfxoff quirk on MacBook Pro (git-fixes).\n- drm/amdgpu: Ensure HDA function is suspended before ASIC reset (git-fixes).\n- drm/amdgpu: explicitly check for s0ix when evicting resources (git-fixes).\n- drm/amdgpu: fix amdgpu_ras_block_late_init error handler (bsc#1190497)\n- drm/amdgpu: fix logic inversion in check (git-fixes).\n- drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() (git-fixes).\n- drm/amdgpu: Fix recursive locking warning (git-fixes).\n- drm/amdgpu: fix suspend/resume hang regression (git-fixes).\n- drm/amdgpu/sdma: Fix incorrect calculations of the wptr of the doorbells (git-fixes).\n- drm/amdgpu: skipping SDMA hw_init and hw_fini for S0ix (git-fixes).\n- drm/amdgpu/smu10: fix SoC/fclk units in auto mode (git-fixes).\n- drm/amdgpu: suppress the warning about enum value \u0027AMD_IP_BLOCK_TYPE_NUM\u0027 (git-fixes).\n- drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo (git-fixes).\n- drm/amdgpu: unify BO evicting method in amdgpu_ttm (git-fixes).\n- drm/amdgpu: update VCN codec support for Yellow Carp (git-fixes).\n- drm/amdgpu/vcn: Fix the register setting for vcn1 (git-fixes).\n- drm/amdgpu/vcn: improve vcn dpg stop procedure (git-fixes).\n- drm/amdgpu: vi: disable ASPM on Intel Alder Lake based systems (bsc#1190786)\n- drm/amdkfd: add pinned BOs to kfd_bo_list (git-fixes).\n- drm/amdkfd: Check for potential null return of kmalloc_array() (git-fixes).\n- drm/amdkfd: Create file descriptor after client is added to smi_clients list (git-fixes).\n- drm/amdkfd: Do not take process mutex for svm ioctls (git-fixes).\n- drm/amdkfd: Fix GWS queue count (bsc#1190786)\n- drm/amdkfd: Fix Incorrect VMIDs passed to HWS (git-fixes).\n- drm/amdkfd: make CRAT table missing message informational only (git-fixes).\n- drm/amdkfd: remove unused function (git-fixes).\n- drm/amdkfd: Separate pinned BOs destruction from general routine (bsc#1195287).\n- drm/amdkfd: Use mmget_not_zero in MMU notifier (git-fixes).\n- drm/amd/pm: correct the MGpuFanBoost support for Beige Goby (git-fixes).\n- drm/amd/pm: correct the sequence of sending gpu reset msg (git-fixes).\n- drm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby (git-fixes).\n- drm/amd/pm: enable pm sysfs write for one VF mode (git-fixes).\n- drm/amd/pm: fix hwmon node of power1_label create issue (git-fixes).\n- drm/amd/pm: Fix missing thermal throttler status (git-fixes).\n- drm/amd/pm: fix some OEM SKU specific stability issues (git-fixes).\n- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).\n- drm/amd/pm: update smartshift powerboost calc for smu12 (git-fixes).\n- drm/amd/pm: update smartshift powerboost calc for smu13 (git-fixes).\n- drm/amd/pm: use bitmap_{from,to}_arr32 where appropriate (git-fixes).\n- drm/ast: Create threshold values for AST2600 (bsc#1190786)\n- drm/atomic: Do not pollute crtc_state-\u003emode_blob with error pointers (git-fixes).\n- drm/atomic: Force bridge self-refresh-exit on CRTC switch (git-fixes).\n- drm: avoid circular locks in drm_mode_getconnector (git-fixes).\n- drm/blend: fix typo in the comment (git-fixes).\n- drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe (git-fixes).\n- drm/bridge: Add missing pm_runtime_put_sync (git-fixes).\n- drm/bridge: adv7511: clean up CEC adapter when probe fails (git-fixes).\n- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).\n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (git-fixes).\n- drm/bridge: analogix_dp: Support PSR-exit to disable transition (git-fixes).\n- drm/bridge: anx7625: Fix overflow issue on reading EDID (git-fixes).\n- drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt (git-fixes).\n- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).\n- drm/bridge: Fix error handling in analogix_dp_probe (git-fixes).\n- drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev (git-fixes).\n- drm: bridge: fix unmet dependency on DRM_KMS_HELPER for DRM_PANEL_BRIDGE (git-fixes).\n- drm: bridge: icn6211: Fix HFP_HSW_HBP_HI and HFP_MIN handling (bsc#1190786)\n- drm: bridge: icn6211: Fix register layout (git-fixes).\n- drm: bridge: it66121: Fix the register page length (git-fixes).\n- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).\n- drm/bridge: sn65dsi83: Fix an error handling path in (bsc#1190786)\n- drm/bridge: ti-sn65dsi83: Handle dsi_lanes == 0 as invalid (git-fixes).\n- drm/bridge: ti-sn65dsi86: Properly undo autosuspend (git-fixes).\n- drm/cma-helper: Set VM_DONTEXPAND for mmap (git-fixes).\n- drm/connector: Fix typo in output format (bsc#1190786)\n- drm/doc: overview before functions for drm_writeback.c (git-fixes).\n- drm/dp: Fix OOB read when handling Post Cursor2 register (bsc#1190786)\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/edid: check basic audio support on CEA extension block (git-fixes).\n- drm/edid: Do not clear formats if using deep color (git-fixes).\n- drm/edid: fix CEA extension byte #3 parsing (bsc#1190786)\n- drm/edid: fix invalid EDID extension block filtering (git-fixes).\n- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (git-fixes).\n- drm/fb-helper: Mark screen buffers in system memory with FBINFO_VIRTFB (git-fixes).\n- drm/fourcc: fix integer type usage in uapi header (git-fixes).\n- drm/i915/adlp: Fix TypeC PHY-ready status readout (git-fixes).\n- drm/i915: Allow !join_mbus cases for adlp+ dbuf configuration (bsc#1193640).\n- drm/i915: Check EDID for HDR static metadata when choosing blc (bsc#1190497)\n- drm/i915: Correctly populate use_sagv_wm for all pipes (git-fixes).\n- drm/i915/dg2: Print PHY name properly on calibration error (git-fixes).\n- drm/i915: Disable DRRS on IVB/HSW port != A (git-fixes).\n- drm/i915/display: Fix HPD short pulse handling for eDP (git-fixes).\n- drm/i915/display: Move DRRS code its own file (git-fixes).\n- drm/i915/display/psr: Unset enable_psr2_sel_fetch if other checks in intel_psr2_config_valid() fails (git-fixes).\n- drm/i915/display: split out dpt out of intel_display.c (git-fixes).\n- drm/i915/dmc: Add MMIO range restrictions (git-fixes).\n- drm/i915/dsi: fix VBT send packet port selection for ICL+ (git-fixes).\n- drm/i915: Fix bw atomic check when switching between SAGV vs. no SAGV (git-fixes).\n- drm/i915: Fix CFI violation with show_dynamic_id() (git-fixes).\n- drm/i915: Fix dbuf slice config lookup (git-fixes bsc#1193640).\n- drm/i915: Fix mbus join config lookup (git-fixes bsc#1193640).\n- drm/i915: Fix PSF GV point mask when SAGV is not possible (git-fixes).\n- drm/i915: Fix race in __i915_vma_remove_closed (bsc#1190497)\n- drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses (bsc#1190497)\n- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (git-fixes).\n- drm/i915/gem: add missing boundary check in vm_access (git-fixes).\n- drm/i915/gem: add missing else (git-fixes).\n- drm/i915/guc/slpc: Correct the param count for unset param (git-fixes).\n- drm/i915/gvt: clean up kernel-doc in gtt.c (git-fixes).\n- drm/i915/gvt: Make DRM_I915_GVT depend on X86 (git-fixes).\n- drm/i915: Implement w/a 22010492432 for adl-s (git-fixes).\n- drm/i915: Keep gem ctx-\u003evm alive until the final put (bsc#1190497)\n- drm/i915/opregion: check port number bounds for SWSCI display power state (git-fixes).\n- drm/i915/overlay: Prevent divide by zero bugs in scaling (git-fixes).\n- drm/i915: Populate pipe dbuf slices more accurately during readout (bsc#1193640).\n- drm/i915/reset: Fix error_state_read ptr + offset use (git-fixes).\n- drm/i915: s/JSP2/ICP2/ PCH (git-fixes).\n- drm/i915: Treat SAGV block time 0 as SAGV disabled (git-fixes).\n- drm/i915/ttm: ensure we unmap when purging (git-fixes).\n- drm/i915/ttm: tweak priority hint selection (git-fixes).\n- drm/i915: Widen the QGV point mask (git-fixes).\n- drm/i915: Workaround broken BIOS DBUF configuration on TGL/RKL (bsc#1193640).\n- drm/imx: dw_hdmi-imx: Fix bailout in error cases of probe (git-fixes).\n- drm: imx: fix compiler warning with gcc-12 (git-fixes).\n- drm/imx: Fix memory leak in imx_pd_connector_get_modes (git-fixes).\n- drm/imx: imx-ldb: Check for null pointer after calling kmemdup (git-fixes).\n- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).\n- drm/kmb: Fix for build errors with Warray-bounds (git-fixes).\n- drm/komeda: Fix an undefined behavior bug in komeda_plane_add() (git-fixes).\n- drm/komeda: return early if drm_universal_plane_init() fails (git-fixes).\n- drm: mali-dp: potential dereference of null pointer (git-fixes).\n- drm/mediatek: Add vblank register/unregister callback functions (bsc#1190768)\n- drm/mediatek: dpi: Use mt8183 output formats for mt8192 (git-fixes).\n- drm/mediatek: Fix mtk_cec_mask() (git-fixes).\n- drm/mediatek: mtk_dsi: Reset the dsi0 hardware (git-fixes).\n- drm/meson: Fix error handling when afbcd.ops-\u003einit fails (git-fixes).\n- drm/meson: Make use of the helper function devm_platform_ioremap_resourcexxx() (git-fixes).\n- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).\n- drm/meson: split out encoder from meson_dw_hdmi (git-fixes).\n- drm/msm/a6xx: Fix missing ARRAY_SIZE() check (git-fixes).\n- drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (git-fixes).\n- drm/msm: add missing include to msm_drv.c (git-fixes).\n- drm/msm: Add missing put_task_struct() in debugfs path (git-fixes).\n- drm/msm/disp: check the return value of kzalloc() (git-fixes).\n- drm/msm/disp/dpu1: set mdp clk to the maximum frequency in opp table (bsc#1190768)\n- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (git-fixes).\n- drm/msm/dp: add fail safe mode outside of event_mutex context (git-fixes).\n- drm/msm/dp: always add fail-safe mode into connector mode list (git-fixes).\n- drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl() (git-fixes).\n- drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() (git-fixes).\n- drm/msm/dp: do not initialize phy until plugin interrupt received (bsc#1190497)\n- drm/msm/dp: do not stop transmitting phy test pattern during DP phy compliance test (git-fixes).\n- drm/msm/dp: dp_link_parse_sink_count() return immediately if aux read failed (git-fixes).\n- drm/msm/dp: fix error check return value of irq_of_parse_and_map() (git-fixes).\n- drm/msm/dp: fix event thread stuck in wait_event after kthread_stop() (git-fixes).\n- drm/msm/dp: force link training for display resolution change (git-fixes).\n- drm/msm/dp: Modify prototype of encoder based API (git-fixes).\n- drm/msm/dp: populate connector of struct dp_panel (git-fixes).\n- drm/msm/dp: remove fail safe mode related code (git-fixes).\n- drm/msm/dp: reset DP controller before transmit phy test pattern (git-fixes).\n- drm/msm/dp: stop event kernel thread when DP unbind (bsc#1190768)\n- drm/msm/dp: stop link training after link training 2 failed (git-fixes).\n- drm/msm/dp: tear down main link at unplug handle immediately (bsc#1190768)\n- drm/msm/dpu: add DSPP blocks teardown (git-fixes).\n- drm/msm/dpu: adjust display_v_end for eDP and DP (git-fixes).\n- drm/msm/dpu: fix dp audio condition (git-fixes).\n- drm/msm/dpu: fix error check return value of irq_of_parse_and_map() (bsc#1190768)\n- drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path (git-fixes).\n- drm/msm/dsi: fix address for second DSI PHY on SDM660 (git-fixes).\n- drm/msm/dsi: fix error checks and return values for DSI xmit functions (git-fixes).\n- drm/msm/dsi: Remove spurious IRQF_ONESHOT flag (git-fixes).\n- drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init() (git-fixes).\n- drm/msm/dsi: Use \u0027ref\u0027 fw clock instead of global name for VCO parent (git-fixes).\n- drm/msm: Fix double pm_runtime_disable() call (git-fixes).\n- drm: msm: fix error check return value of irq_of_parse_and_map() (git-fixes).\n- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (git-fixes).\n- drm/msm: Fix range size vs end confusion (git-fixes).\n- drm/msm/hdmi: check return value after calling platform_get_resource_byname() (git-fixes).\n- drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() (git-fixes).\n- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (git-fixes).\n- drm/msm/mdp5: check the return of kzalloc() (git-fixes).\n- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected (git-fixes).\n- drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected (git-fixes).\n- drm/msm: properly add and remove internal bridges (bsc#1190768)\n- drm/msm: remove unused plane_property field from msm_drm_private (bsc#1190768)\n- drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (git-fixes).\n- drm/msm: Switch ordering of runpm put vs devfreq_idle (git-fixes).\n- drm/msm: use for_each_sgtable_sg to iterate over scatterlist (git-fixes).\n- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).\n- drm/nouveau/backlight: Just set all backlight types as RAW (git-fixes).\n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (git-fixes).\n- drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (git-fixes).\n- drm/nouveau: fix off by one in BIOS boundary checking (git-fixes).\n- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator (git-fixes).\n- drm/nouveau/pmu: Add missing callbacks for Tegra devices (git-fixes).\n- drm/nouveau/pmu/gm200-: use alternate falcon reset sequence (git-fixes).\n- drm/nouveau/subdev/bus: Ratelimit logging for fault errors (git-fixes).\n- drm/nouveau/tegra: Stop using iommu_present() (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer (git-fixes).\n- drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H (git-fixes).\n- drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised (git-fixes).\n- drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare (git-fixes).\n- drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01 (git-fixes).\n- drm/panel: simple: Assign data from panel_dpi_probe() correctly (git-fixes).\n- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).\n- drm/panfrost: Check for error num after setting mask (git-fixes).\n- drm/plane: Move range check for format_count earlier (git-fixes).\n- drm/radeon: fix a possible null pointer dereference (git-fixes).\n- drm/radeon: Fix backlight control on iMac 12,1 (git-fixes).\n- drm/rockchip: dw_hdmi: Do not leave clock enabled in error case (git-fixes).\n- drm/rockchip: vop: Correct RK3399 VOP register fields (git-fixes).\n- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (git-fixes).\n- drm/selftests/test-drm_dp_mst_helper: Fix memory leak in sideband_msg_req_encode_decode (git-fixes).\n- drm/simpledrm: Add \u0027panel orientation\u0027 property on non-upright mounted LCD panels (git-fixes).\n- drm: sti: do not use kernel-doc markers (git-fixes).\n- drm/sun4i: Fix crash during suspend after component bind failure (git-fixes).\n- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).\n- drm/sun4i: Remove obsolete references to PHYS_OFFSET (bsc#1190786)\n- drm/syncobj: flatten dma_fence_chains on transfer (git-fixes).\n- drm/tegra: Add back arm_iommu_detach_device() (git-fixes).\n- drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (git-fixes).\n- drm: use the lookup lock in drm_is_current_master (git-fixes).\n- drm/v3d/v3d_drv: Check for error num after setting mask (git-fixes).\n- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).\n- drm/vc4: Fix deadlock on DSI device attach error (git-fixes).\n- drm/vc4: hdmi: Add debugfs prefix (bsc#1199163).\n- drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd (git-fixes).\n- drm/vc4: hdmi: Fix build error for implicit function declaration (git-fixes).\n- drm/vc4: hdmi: Fix HPD GPIO detection (git-fixes).\n- drm/vc4: hdmi: Make sure the device is powered with CEC (git-fixes).\n- drm/vc4: hdmi: Split the CEC disable / enable functions in two (git-fixes).\n- drm/vc4: hvs: Fix frame count register readout (git-fixes).\n- drm/vc4: hvs: Reset muxes at probe time (git-fixes).\n- drm/vc4: txp: Do not set TXP_VSTART_AT_EOF (git-fixes).\n- drm/vc4: txp: Force alpha to be 0xff if it\u0027s disabled (git-fixes).\n- drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).\n- drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free() (git-fixes).\n- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (git-fixes).\n- drm/vmwgfx: Disable command buffers on svga3 without gbobjects (git-fixes).\n- drm/vmwgfx: Fix fencing on SVGAv3 (git-fixes).\n- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (git-fixes).\n- drm/vmwgfx: Remove unused compile options (bsc#1190786)\n- drm/vmwgfx: validate the screen formats (git-fixes).\n- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).\n- dt-bindings: arm: bcm: fix BCM53012 and BCM53016 SoC strings (git-fixes).\n- dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config (git-fixes).\n- dt-bindings: display: sitronix, st7735r: Fix backlight in example (git-fixes).\n- dt-bindings: gpio: altera: correct interrupt-cells (git-fixes).\n- dt-bindings: memory: mtk-smi: No need mediatek,larb-id for mt8167 (git-fixes).\n- dt-bindings: mtd: nand-controller: Fix a comment in the examples (git-fixes).\n- dt-bindings: mtd: nand-controller: Fix the reg property description (git-fixes).\n- dt-bindings: net: xgmac_mdio: Remove unsupported \u0027bus-frequency\u0027 (git-fixes).\n- dt-bindings: PCI: xilinx-cpm: Fix reg property order (git-fixes).\n- dt-bindings: phy: uniphier-usb3hs: Fix incorrect clock-names and reset-names (git-fixes).\n- dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group (git-fixes).\n- dt-bindings: pinctrl: pinctrl-microchip-sgpio: Fix example (git-fixes).\n- dt-bindings: spi: mxic: The interrupt property is not mandatory (git-fixes).\n- dt-bindings: usb: ehci: Increase the number of PHYs (git-fixes).\n- dt-bindings: usb: hcd: correct usb-device path (git-fixes).\n- dt-bindings: usb: ohci: Increase the number of PHYs (git-fixes).\n- dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7 (git-fixes).\n- e1000e: Correct NVM checksum verification flow (bsc#1191663).\n- e1000e: Fix possible HW unit hang after an s0ix exit (jsc#SLE-18382).\n- e1000e: Fix possible overflow in LTR decoding (git-fixes).\n- e1000e: Handshake with CSME starts from ADL platforms (git-fixes).\n- e1000e: Separate ADP board type from TGP (git-fixes).\n- EDAC/altera: Fix deferred probing (bsc#1190497).\n- EDAC/amd64: Add new register offset support and related changes (jsc#SLE-19026).\n- EDAC/amd64: Set memory type per DIMM (jsc#SLE-19026).\n- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1190497).\n- EDAC/synopsys: Read the error count from the correct register (bsc#1190497).\n- EDAC/xgene: Fix deferred probing (bsc#1190497).\n- eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX (git-fixes).\n- efi: Add missing prototype for efi_capsule_setup_info (git-fixes).\n- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (git-fixes).\n- efi: fix return value of __setup handlers (git-fixes).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- enable DRM_BOCHS as module (bsc#1200572)\n- epic100: fix use after free on rmmod (git-fixes).\n- ethernet/sfc: remove redundant rc variable (bsc#1196306).\n- exec: Force single empty string when argv is empty (bsc#1200571).\n- ext2: correct max file size computing (bsc#1197820).\n- ext4: avoid trim error on fs with small groups (bsc#1191271).\n- ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal (bsc#1197917).\n- ext4: fix an use-after-free issue about data=journal writeback mode (bsc#1195482).\n- ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1200810).\n- ext4: fix bug_on in __es_tree_search (bsc#1200809).\n- ext4: fix ext4_fc_stats trace point (git-fixes).\n- ext4: fix race condition between ext4_write and ext4_convert_inline_data (bsc#1200807).\n- ext4: limit length to bitmap_maxbytes - blocksize in punch_hole (bsc#1200806).\n- ext4: make variable \u0027count\u0027 signed (bsc#1200820).\n- ext4: reject the \u0027commit\u0027 option on ext2 filesystems (bsc#1200808).\n- extcon: Modify extcon device to be created after driver data is set (git-fixes).\n- extcon: ptn5150: Add queue work sync before driver release (git-fixes).\n- faddr2line: Fix overlapping text section failures, the sequel (git-fixes).\n- fbcon: Avoid \u0027cap\u0027 set but not used warning (bsc#1190786)\n- fbcon: Consistently protect deferred_takeover with console_lock() (git-fixes).\n- firewire: core: extend card-\u003elock in fw_core_handle_bus_reset (git-fixes).\n- firewire: fix potential uaf in outbound_phy_packet_callback() (git-fixes).\n- firewire: remove check of list iterator against head past the loop body (git-fixes).\n- firmware: arm_ffa: Fix uuid parameter to ffa_partition_probe (git-fixes).\n- firmware: arm_ffa: Remove incorrect assignment of driver_data (git-fixes).\n- firmware: arm_scmi: Fix list protocols enumeration in the base protocol (git-fixes).\n- firmware: arm_scmi: Fix sorting of retrieved clock rates (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- firmware: arm_scmi: Validate BASE_DISCOVER_LIST_PROTOCOLS response (git-fixes).\n- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (git-fixes).\n- firmware: google: Properly state IOMEM dependency (git-fixes).\n- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).\n- firmware: stratix10-svc: add missing callback parameter on RSU (git-fixes).\n- firmware: stratix10-svc: fix a missing check on list iterator (git-fixes).\n- firmware: sysfb: fix platform-device leak in error path (git-fixes).\n- firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is not defined (git-fixes).\n- firmware: use kernel credentials when reading firmware (git-fixes).\n- Fix a warning about a malformed kernel doc comment in cifs (bsc#1193629).\n- fs: fd tables have to be multiples of BITS_PER_LONG (bsc#1200827).\n- fs: fix fd table size alignment properly (bsc#1200882).\n- fs: handle circular mappings correctly (bsc#1197918).\n- fsl_lpuart: Do not enable interrupts too early (git-fixes).\n- fsnotify: Do not insert unmergeable events in hashtable (bsc#1197922).\n- fsnotify: fix fsnotify hooks in pseudo filesystems (bsc#1195944 bsc#1195478).\n- fsnotify: fix wrong lockdep annotations (bsc#1200815).\n- ftrace: Clean up hash direct_functions on register failures (git-fixes).\n- fuse: fix fileattr op failure (bsc#1197292).\n- gen_init_cpio: fix short read file handling (bsc#1193289).\n- genirq/affinity: Consider that CPUs on nodes can be (git-fixes)\n- genirq: Synchronize interrupt thread startup (git-fixes)\n- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).\n- gma500: fix an incorrect NULL check on list iterator (git-fixes).\n- gpio: adp5588: Remove support for platform setup and teardown callbacks (git-fixes).\n- gpio: aggregator: Fix calling into sleeping GPIO controllers (git-fixes).\n- gpio: dwapb: Do not print error on -EPROBE_DEFER (git-fixes).\n- gpio: gpio-vf610: do not touch other bits when set the target bit (git-fixes).\n- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).\n- gpiolib: acpi: use correct format characters (git-fixes).\n- gpiolib: Never return internal error codes to user space (git-fixes).\n- gpiolib: of: fix bounds check for \u0027gpio-reserved-ranges\u0027 (git-fixes).\n- gpio: mvebu: drop pwm base assignment (git-fixes).\n- gpio: mvebu/pwm: Refuse requests with inverted polarity (git-fixes).\n- gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set) (git-fixes).\n- gpio: pca953x: use the correct register address to do regcache sync (git-fixes).\n- gpio: Return EPROBE_DEFER if gc-\u003eto_irq is NULL (git-fixes).\n- gpio: Revert regression in sysfs-gpio (gpiolib.c) (git-fixes).\n- gpio: sifive: use the correct register to read output values (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gpio: ts4900: Do not set DAT and OE together (git-fixes).\n- gpio: visconti: Fix fwnode of GPIO IRQ (git-fixes).\n- gpio: winbond: Fix error code in winbond_gpio_get() (git-fixes).\n- gpu: host1x: Fix a memory leak in \u0027host1x_remove()\u0027 (git-fixes).\n- gpu: ipu-v3: Fix dev_dbg frequency output (git-fixes).\n- gup: Turn fault_in_pages_{readable,writeable} into fault_in_{readable,writeable} (git-fixes).\n- gve: Fix GFP flags when allocing pages (git-fixes).\n- gve: fix the wrong AdminQ buffer queue index check (git-fixes).\n- habanalabs: Add check for pci_enable_device (git-fixes).\n- habanalabs: fix possible memory leak in MMU DR fini (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- hex2bin: fix access beyond string end (git-fixes).\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- HID: Add support for open wheel and no attachment to T300 (git-fixes).\n- HID:Add support for UGTABLET WP5540 (git-fixes).\n- HID: amd_sfh: Add illuminance mask to limit ALS max value (git-fixes).\n- HID: amd_sfh: Correct the structure field name (git-fixes).\n- HID: amd_sfh: Modify the bus name (git-fixes).\n- HID: amd_sfh: Modify the hid name (git-fixes).\n- HID: bigben: fix slab-out-of-bounds Write in bigben_probe (git-fixes).\n- hide appended member supports_dynamic_smps_6ghz (git-fixes).\n- HID: elan: Fix potential double free in elan_input_configured (git-fixes).\n- HID: hid-led: fix maximum brightness for Dream Cheeky (git-fixes).\n- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts (git-fixes).\n- HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (git-fixes).\n- HID: intel-ish-hid: Use dma_alloc_coherent for firmware update (git-fixes).\n- HID: logitech-dj: add new lightspeed receiver id (git-fixes).\n- HID: multitouch: add quirks to enable Lenovo X12 trackpoint (git-fixes).\n- HID: multitouch: Add support for Google Whiskers Touchpad (git-fixes).\n- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).\n- HID: vivaldi: fix sysfs attributes leak (git-fixes).\n- hinic: fix bug of wq out of bound access (git-fixes).\n- hv_balloon: rate-limit \u0027Unhandled message\u0027 warning (git-fixes).\n- hv_netvsc: Add check for kvmalloc_array (git-fixes).\n- hv_utils: Add comment about max VMbus packet size in VSS driver (git-fixes).\n- hwmon: (dell-smm) Speed up setting of fan speed (git-fixes).\n- hwmon: (f71882fg) Fix negative temperature (git-fixes).\n- hwmon: Handle failure to register sensor with thermal zone correctly (git-fixes).\n- hwmon: (ibmaem) do not call platform_device_del() if platform_device_add() fails (git-fixes).\n- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (git-fixes).\n- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).\n- hwmon: (pmbus) Add Vin unit off handling (git-fixes).\n- hwmon: (pmbus) Check PEC support before reading other registers (git-fixes).\n- hwmon: (pmbus) Clear pmbus fault/warning bits after read (git-fixes).\n- hwmon: (pmbus) disable PEC if not enabled (git-fixes).\n- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).\n- hwmon: (tmp401) Add OF device ID table (git-fixes).\n- hwrng: atmel - disable trng on failure path (git-fixes).\n- hwrng: cavium - Check health status while reading random data (git-fixes).\n- hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER (git-fixes).\n- hwrng: nomadik - Change clk_disable to clk_disable_unprepare (git-fixes).\n- hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() (git-fixes).\n- i2c: at91: Initialize dma_buf in at91_twi_xfer() (git-fixes).\n- i2c: at91: use dma safe buffers (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- i2c: bcm2835: Fix the error handling in \u0027bcm2835_i2c_probe()\u0027 (git-fixes).\n- i2c: bcm2835: Use platform_get_irq() to get the interrupt (git-fixes).\n- i2c: brcmstb: fix support for DSL and CM variants (git-fixes).\n- i2c: cadence: Increase timeout per message if necessary (git-fixes).\n- i2c: designware: Use standard optional ref clock implementation (git-fixes).\n- i2c: dev: Force case user pointers in compat_i2cdev_ioctl() (git-fixes).\n- i2c: ismt: prevent memory corruption in ismt_access() (git-fixes).\n- i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (git-fixes).\n- i2c: meson: Fix wrong speed use from probe (git-fixes).\n- i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe() (git-fixes).\n- i2c: mux: demux-pinctrl: do not deactivate a master that is not active (git-fixes).\n- i2c: npcm7xx: Add check for platform_driver_register (git-fixes).\n- i2c: npcm: Correct register access width (git-fixes).\n- i2c: npcm: Fix timeout calculation (git-fixes).\n- i2c: npcm: Handle spurious interrupts (git-fixes).\n- i2c: piix4: Add EFCH MMIO support for SMBus port select (git-fixes).\n- i2c: piix4: Add EFCH MMIO support to region request and release (git-fixes).\n- i2c: piix4: Add EFCH MMIO support to SMBus base address detect (git-fixes).\n- i2c: piix4: Enable EFCH MMIO for Family 17h+ (git-fixes).\n- i2c: piix4: Move port I/O region request/release code into functions (git-fixes).\n- i2c: piix4: Move SMBus controller base address detect into function (git-fixes).\n- i2c: piix4: Move SMBus port selection into function (git-fixes).\n- i2c: piix4: Replace hardcoded memory map size with a #define (git-fixes).\n- i2c: qcom-cci: do not delete an unregistered adapter (git-fixes).\n- i2c: qcom-cci: do not put a device tree node before i2c_add_adapter() (git-fixes).\n- i2c: rcar: fix PM ref counts in probe error paths (git-fixes).\n- i2c: xiic: Make bus names unique (git-fixes).\n- i40e: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- i40e: Fix for failed to init adminq while VF reset (git-fixes).\n- i40e: Fix issue when maximum queues is exceeded (git-fixes).\n- i40e: Fix queues reservation for XDP (git-fixes).\n- i40e: Fix reset bw limit when DCB enabled with 1 TC (git-fixes).\n- i40e: Fix reset path while removing the driver (git-fixes).\n- i40e: fix unsigned stat widths (git-fixes).\n- i40e: i40e_main: fix a missing check on list iterator (git-fixes).\n- i40e: Increase delay to 1 s after global EMP reset (git-fixes).\n- i40e: remove dead stores on XSK hotpath (jsc#SLE-18378).\n- i40e: respect metadata on XSK Rx to skb (git-fixes).\n- i40e: stop disabling VFs due to PF error responses (jsc#SLE-18378).\n- iavf: Add waiting so the port is initialized in remove (jsc#SLE-18385).\n- iavf: Fix deadlock in iavf_reset_task (jsc#SLE-18385).\n- iavf: Fix double free in iavf_reset_task (jsc#SLE-18385).\n- iavf: Fix handling of vlan strip virtual channel messages (jsc#SLE-18385).\n- iavf: Fix hang during reboot/shutdown (jsc#SLE-18385).\n- iavf: Fix __IAVF_RESETTING state usage (jsc#SLE-18385).\n- iavf: Fix init state closure on remove (jsc#SLE-18385).\n- iavf: Fix locking for VIRTCHNL_OP_GET_OFFLOAD_VLAN_V2_CAPS (jsc#SLE-18385).\n- iavf: Fix missing check for running netdev (git-fixes).\n- iavf: Fix race in init state (jsc#SLE-18385).\n- iavf: Rework mutexes for better synchronisation (jsc#SLE-18385 stable-5.14.6).\n- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes).\n- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (git-fixes).\n- IB/cm: Release previously acquired reference counter in the cm_id_priv (git-fixes).\n- IB/hfi1: Allow larger MTU without AIP (git-fixes).\n- IB/hfi1: Fix AIP early init panic (git-fixes).\n- IB/hfi1: Fix alloc failure with larger txqueuelen (git-fixes).\n- IB/hfi1: Fix panic with larger ipoib send_queue_size (jsc#SLE-19242).\n- IB/hfi1: Fix tstats alloc and dealloc (git-fixes).\n- IB/mlx5: Expose NDR speed through MAD (bsc#1196930).\n- ibmvnic: do not release napi in __ibmvnic_open() (bsc#1195668 ltc#195811).\n- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).\n- ibmvnic: Properly dispose of all skbs during a failover (bsc#1200925).\n- ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).\n- IB/qib: Fix duplicate sysfs directory name (git-fixes).\n- IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- ice: allow creating VFs for !CONFIG_NET_SWITCHDEV (jsc#SLE-18375).\n- ice: check the return of ice_ptp_gettimex64 (git-fixes).\n- ice: clear cmd_type_offset_bsz for TX rings (jsc#SLE-18375).\n- ice: Clear default forwarding VSI during VSI release (git-fixes).\n- ice: clear stale Tx queue settings before configuring (git-fixes).\n- ice: do not allow to run ice_send_event_to_aux() in atomic ctx (git-fixes).\n- ice: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- ice: Do not use GFP_KERNEL in atomic context (git-fixes).\n- ice: enable parsing IPSEC SPI headers for RSS (git-fixes).\n- ice: fix an error code in ice_cfg_phy_fec() (git-fixes).\n- ice: fix concurrent reset and removal of VFs (git-fixes).\n- ice: fix crash in switchdev mode (jsc#SLE-18375).\n- ice: Fix curr_link_speed advertised speed (git-fixes).\n- ice: Fix incorrect locking in ice_vc_process_vf_msg() (jsc#SLE-18375).\n- ice: fix IPIP and SIT TSO offload (git-fixes).\n- ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() (jsc#SLE-18375).\n- ice: fix PTP stale Tx timestamps cleanup (git-fixes).\n- ice: fix setting l4 port flag when adding filter (jsc#SLE-18375).\n- ice: fix use-after-free when deinitializing mailbox snapshot (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (git-fixes).\n- ice: kabi protect ice_pf (bsc#1200502).\n- ice: Protect vf_state check by cfg_lock in ice_vc_process_vf_msg() (jsc#SLE-18375).\n- ice: respect metadata on XSK Rx to skb (git-fixes).\n- ice: synchronize_rcu() when terminating rings (git-fixes).\n- ice: xsk: Fix indexing in ice_tx_xsk_pool() (jsc#SLE-18375).\n- ice: xsk: fix VSI state check in ice_xsk_wakeup() (git-fixes).\n- igb: refactor XDP registration (git-fixes).\n- igc: avoid kernel warning when changing RX ring parameters (git-fixes).\n- igc: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- igc: Fix BUG: scheduling while atomic (git-fixes).\n- igc: Fix infinite loop in release_swfw_sync (git-fixes).\n- igc: Fix suspending when PTM is active (jsc#SLE-18377).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio:accel:bma180: rearrange iio trigger get and register (git-fixes).\n- iio: accel: fxls8962af: add padding to regmap for SPI (git-fixes).\n- iio:accel:kxcjk-1013: rearrange iio trigger get and register (git-fixes).\n- iio: accel: mma8452: ignore the return value of reset operation (git-fixes).\n- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).\n- iio:accel:mxc4005: rearrange iio trigger get and register (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP and AIN_BUFM bits (git-fixes).\n- iio: adc: ad7124: Remove shift from scan_type (git-fixes).\n- iio: adc: Add check for devm_request_threaded_irq (git-fixes).\n- iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client (git-fixes).\n- iio: adc: axp288: Override TS pin bias current for some models (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- iio: adc: sc27xx: Fine tune the scale calibration values (git-fixes).\n- iio: adc: sc27xx: fix read big scale voltage not right (git-fixes).\n- iio: adc: stm32: Fix ADCs iteration in irq handler (git-fixes).\n- iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message (git-fixes).\n- iio: adc: stm32: fix maximum clock rate for stm32mp15x (git-fixes).\n- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (git-fixes).\n- iio: adc: ti-ads131e08: add missing fwnode_handle_put() in ads131e08_alloc_channels() (git-fixes).\n- iio: adc: tsc2046: fix memory corruption by preventing array overflow (git-fixes).\n- iio: adc: vf610: fix conversion mode sysfs node name (git-fixes).\n- iio: afe: rescale: Fix boolean logic bug (git-fixes).\n- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).\n- iio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL (git-fixes).\n- iio:chemical:ccs811: rearrange iio trigger get and register (git-fixes).\n- iio: dac: ad5446: Fix read_raw not returning set value (git-fixes).\n- iio: dac: ad5592r: Fix the missing return value (git-fixes).\n- iio: dummy: iio_simple_dummy: check the return value of kstrdup() (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (git-fixes).\n- iio:humidity:hts221: rearrange iio trigger get and register (git-fixes).\n- iio:imu:adis16480: fix buffering for devices with no burst mode (git-fixes).\n- iio:imu:bmi160: disable regulator in error path (git-fixes).\n- iio: imu: inv_icm42600: Fix I2C init possible nack (git-fixes).\n- iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot (git-fixes).\n- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).\n- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).\n- iio: inkern: make a best effort on offset calculation (git-fixes).\n- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() (git-fixes).\n- iio: magnetometer: yas530: Fix memchr_inv() misuse (git-fixes).\n- iio: mma8452: Fix probe failing when an i2c_device_id is used (git-fixes).\n- iio: mma8452: fix probe fail when device tree compatible is used (git-fixes).\n- iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout (git-fixes).\n- iio: st_sensors: Add a local lock for protecting odr (git-fixes).\n- iio: trigger: sysfs: fix use-after-free on remove (git-fixes).\n- ima: Allow template selection with ima_template[_fmt]= after ima_hash= (git-fixes).\n- ima: Do not print policy rule with inactive LSM labels (git-fixes).\n- ima: fix reference leak in asymmetric_verify() (git-fixes).\n- ima: Remove ima_policy file before directory (git-fixes).\n- init: call time_init() before rand_initialize() (git-fixes).\n- init: Initialize noop_backing_dev_info early (bsc#1200822).\n- init/main.c: return 1 from handled __setup() functions (git-fixes).\n- initramfs: Check timestamp to prevent broken cpio archive (bsc#1193289).\n- inotify: show inotify mask flags in proc fdinfo (bsc#1200600).\n- Input: add bounds checking to input_set_capability() (git-fixes).\n- Input: aiptek - properly check endpoint type (git-fixes).\n- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c: Add deny list for Lenovo Yoga Slim 7 (bsc#1193064).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- Input: gpio-keys - cancel delayed work only in case of GPIO (git-fixes).\n- Input: ili210x - fix reset timing (git-fixes).\n- Input: omap4-keypad - fix pm_runtime_get_sync() error checking (git-fixes).\n- Input: samsung-keypad - properly state IOMEM dependency (git-fixes).\n- Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq (git-fixes).\n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (git-fixes).\n- Input: stmfts - do not leave device disabled in stmfts_input_open (git-fixes).\n- Input: stmfts - fix reference leak in stmfts_input_open (git-fixes).\n- Input: synaptics - enable InterTouch on ThinkPad T14/P14s Gen 1 AMD (git-fixes).\n- Input: synaptics: retry query upon error (bsc#1194086).\n- Input: wm97xx: Simplify resource management (git-fixes).\n- Input: zinitix - do not report shadow fingers (git-fixes).\n- integrity: check the return value of audit_log_start() (git-fixes).\n- iocost: do not reset the inuse weight of under-weighted debtors (git-fixes).\n- iocost: Fix divide-by-zero on donation from low hweight cgroup (bsc#1198014).\n- iomap: iomap_write_failed fix (bsc#1200829).\n- iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (git-fixes).\n- iommu/amd: Increase timeout waiting for GA log enablement (bsc#1199052).\n- iommu/amd: Remove useless irq affinity notifier (git-fixes).\n- iommu/amd: Restore GA log/tail pointer on host resume (git-fixes).\n- iommu/amd: X2apic mode: mask/unmask interrupts on suspend/resume (git-fixes).\n- iommu/amd: X2apic mode: re-enable after resume (git-fixes).\n- iommu/amd: X2apic mode: setup the INTX registers on mask/unmask (git-fixes).\n- iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (bsc#1198826).\n- iommu/arm-smmu-qcom: Fix TTBR0 read (git-fixes).\n- iommu: Extend mutex lock scope in iommu_probe_device() (git-fixes).\n- iommu/ioasid: Introduce a helper to check for valid PASIDs (jsc#SLE-24350).\n- iommu/io-pgtable-arm: Fix table descriptor paddr formatting (git-fixes).\n- iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure (git-fixes).\n- iommu/iova: Fix race between FQ timeout and teardown (git-fixes).\n- iommu/sva: Assign a PASID to mm on PASID allocation and free it on mm exit (jsc#SLE-24350).\n- iommu/sva: Rename CONFIG_IOMMU_SVA_LIB to CONFIG_IOMMU_SVA (jsc#SLE-24350).\n- iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (git-fixes).\n- ionic: add FW_STOPPING state (git-fixes).\n- ionic: Allow flexibility for error reporting on dev commands (git-fixes).\n- ionic: better handling of RESET event (git-fixes).\n- ionic: catch transition back to RUNNING with fw_generation 0 (git-fixes).\n- ionic: Cleanups in the Tx hotpath code (git-fixes).\n- ionic: Correctly print AQ errors if completions are not received (git-fixes).\n- ionic: disable napi when ionic_lif_init() fails (git-fixes).\n- ionic: Do not send reset commands if FW isn\u0027t running (git-fixes).\n- ionic: fix missing pci_release_regions() on error in ionic_probe() (git-fixes).\n- ionic: fix type complaint in ionic_dev_cmd_clean() (git-fixes).\n- ionic: fix up printing of timeout error (git-fixes).\n- ionic: Prevent filter add/del err msgs when the device is not available (git-fixes).\n- ionic: Query FW when getting VF info via ndo_get_vf_config (git-fixes).\n- ionic: remove the dbid_inuse bitmap (git-fixes).\n- ionic: replace set_vf data with union (git-fixes).\n- ionic: start watchdog after all is setup (git-fixes).\n- ionic: stretch heartbeat detection (git-fixes).\n- io_uring: add more locking annotations for submit (bsc#1199011).\n- io_uring: avoid touching inode in rw prep (bsc#1199011).\n- io_uring: be smarter about waking multiple CQ ring waiters (bsc#1199011).\n- io_uring: cache __io_free_req()\u0027d requests (bsc#1199011).\n- io_uring: clean io-wq callbacks (bsc#1199011).\n- io_uring: clean up tctx_task_work() (bsc#1199011).\n- io_uring: deduplicate open iopoll check (bsc#1199011).\n- io_uring: do not halt iopoll too early (bsc#1199011).\n- io_uring: drop exec checks from io_req_task_submit (bsc#1199011).\n- io_uring: extract a helper for ctx quiesce (bsc#1199011).\n- io_uring: Fix undefined-behaviour in io_issue_sqe (bsc#1199011).\n- io_uring: improve ctx hang handling (bsc#1199011).\n- io_uring: inline fixed part of io_file_get() (bsc#1199011).\n- io_uring: inline io_free_req_deferred (bsc#1199011).\n- io_uring: inline io_poll_remove_waitqs (bsc#1199011).\n- io_uring: inline struct io_comp_state (bsc#1199011).\n- io_uring: kill unused IO_IOPOLL_BATCH (bsc#1199011).\n- io_uring: move io_fallback_req_func() (bsc#1199011).\n- io_uring: move io_put_task() definition (bsc#1199011).\n- io_uring: move io_rsrc_node_alloc() definition (bsc#1199011).\n- io_uring: optimise io_cqring_wait() hot path (bsc#1199011).\n- io_uring: optimise putting task struct (bsc#1199011).\n- io_uring: refactor io_alloc_req (bsc#1199011).\n- io_uring: remove extra argument for overflow flush (bsc#1199011).\n- io_uring: remove file batch-get optimisation (bsc#1199011).\n- io_uring: remove IRQ aspect of io_ring_ctx completion lock (bsc#1199011).\n- io_uring: remove redundant args from cache_free (bsc#1199011).\n- io_uring: remove unnecessary PF_EXITING check (bsc#1199011).\n- io_uring: rename io_file_supports_async() (bsc#1199011).\n- io_uring: run linked timeouts from task_work (bsc#1199011).\n- io_uring: run regular file completions from task_work (bsc#1199011).\n- io_uring: run timeouts from task_work (bsc#1199011).\n- io_uring: use inflight_entry instead of compl.list (bsc#1199011).\n- io_uring: use kvmalloc for fixed files (bsc#1199011).\n- io-wq: get rid of FIXED worker flag (bsc#1199011).\n- io-wq: make worker creation resilient against signals (bsc#1199011).\n- io-wq: move nr_running and worker_refs out of wqe-\u003elock protection (bsc#1199011).\n- io-wq: only exit on fatal signals (bsc#1199011).\n- io-wq: provide a way to limit max number of workers (bsc#1199011).\n- io-wq: split bounded and unbounded work into separate lists (bsc#1199011).\n- io-wq: wqe and worker locks no longer need to be IRQ safe (bsc#1199011).\n- ipc/sem: do not sleep with a spin lock held (bsc#1198412).\n- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n- ipmi: bail out if init_srcu_struct fails (git-fixes).\n- ipmi: Fix pr_fmt to avoid compilation issues (git-fixes).\n- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).\n- ipmi:ssif: Check for NULL msg when handling events and messages (git-fixes).\n- ipvs: add sysctl_run_estimation to support disable estimation (bsc#1195504).\n- ipw2x00: Fix potential NULL dereference in libipw_xmit() (git-fixes).\n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (git-fixes).\n- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (git-fixes).\n- irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value (git-fixes).\n- irqchip/exiu: Fix acknowledgment of edge triggered interrupts (git-fixes).\n- irqchip/gic, gic-v3: Prevent GSI to SGI translations (git-fixes).\n- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (git-fixes).\n- irqchip/gic-v3: Ensure pseudo-NMIs have an ISB between ack and handling (git-fixes).\n- irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions (git-fixes).\n- irqchip/gic-v3: Fix GICR_CTLR.RWP polling (git-fixes).\n- irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (git-fixes).\n- irqchip/gic-v4: Wait for GICR_VPENDBASER.Dirty to clear before descheduling (git-fixes).\n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (git-fixes).\n- irqchip/nvic: Release nvic_base upon failure (git-fixes).\n- irqchip/qcom-pdc: Fix broken locking (git-fixes).\n- irqchip/realtek-rtl: Fix refcount leak in map_interrupts (git-fixes).\n- irqchip/realtek-rtl: Service all pending interrupts (git-fixes).\n- isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() (git-fixes).\n- ivtv: fix incorrect device_caps for ivtvfb (git-fixes).\n- iwlwifi: do not advertise TWT support (git-fixes).\n- iwlwifi: Fix -EIO error code that is never returned (git-fixes).\n- iwlwifi: fix use-after-free (git-fixes).\n- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (git-fixes).\n- iwlwifi: mvm: align locking in D3 test debugfs (git-fixes).\n- iwlwifi: mvm: check debugfs_dir ptr before use (git-fixes).\n- iwlwifi: mvm: Correctly set fragmented EBS (git-fixes).\n- iwlwifi: mvm: Do not call iwl_mvm_sta_from_mac80211() with NULL sta (git-fixes).\n- iwlwifi: mvm: do not crash on invalid rate w/o STA (git-fixes).\n- iwlwifi: mvm: do not iterate unadded vifs when handling FW SMPS req (git-fixes).\n- iwlwifi: mvm: do not send SAR GEO command for 3160 devices (git-fixes).\n- iwlwifi: mvm: Fix an error code in iwl_mvm_up() (git-fixes).\n- iwlwifi: mvm: fix assert 1F04 upon reconfig (git-fixes).\n- iwlwifi: mvm: move only to an enabled channel (git-fixes).\n- iwlwifi: pcie: fix locking when \u0027HW not ready\u0027 (git-fixes).\n- iwlwifi: pcie: gen2: fix locking when \u0027HW not ready\u0027 (git-fixes).\n- iwlwifi: yoyo: remove DBGI_SRAM address reset writing (git-fixes).\n- ixgbe: do not reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (git-fixes).\n- ixgbe: ensure IPsec VF - PF compatibility (git-fixes).\n- ixgbe: respect metadata on XSK Rx to skb (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- jbd2: Fake symbols defined under CONFIG_JBD2_DEBUG (bsc#1198971).\n- jfs: fix divide error in dbNextAG (bsc#1200828).\n- kABI: Fix kABI after \u0027x86/mm/cpa: Generalize __set_memory_enc_pgtable()\u0027 (jsc#SLE-19924).\n- kABI fix of sysctl_run_estimation (git-fixes).\n- kABI: fix rndis_parameters locking (git-fixes).\n- kABI: ivtv: restore caps member (git-fixes).\n- kabi/severities: allow dropping a few invalid exported symbols (bsc#1201218)\n- kabi/severities: Ignore arch/x86/kvm except for kvm_x86_ops Handle this like in previous SLE kernels.\n- kABI workaround for fxls8962af iio accel drivers (git-fixes).\n- kABI workaround for pci quirks (git-fixes).\n- kconfig: fix failing to generate auto.conf (git-fixes).\n- kconfig: let \u0027shell\u0027 return enough output for deep path names (git-fixes).\n- kernel/fork: Initialize mm\u0027s PASID (jsc#SLE-24350).\n- kernel/resource: Introduce request_mem_region_muxed() (git-fixes).\n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (git-fixes).\n- KEYS: asymmetric: enforce that sig algo matches key algo (git-fixes).\n- KEYS: asymmetric: properly validate hash_algo and encoding (git-fixes).\n- KEYS: fix length validation in keyctl_pkey_params_get_2() (git-fixes).\n- KEYS: trusted: Avoid calling null function trusted_key_exit (git-fixes).\n- KEYS: trusted: Fix trusted key backends when building as module (git-fixes).\n- KEYS: trusted: tpm2: Fix migratable logic (git-fixes).\n- kprobes: Add kretprobe_find_ret_addr() for searching return address (bsc#1193277).\n- kprobes: Enable stacktrace from pt_regs in kretprobe handler (bsc#1193277).\n- kprobes: treewide: Cleanup the error messages for kprobes (bsc#1193277).\n- kprobes: treewide: Make it harder to refer kretprobe_trampoline directly (bsc#1193277).\n- kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler() (bsc#1193277).\n- kprobes: treewide: Replace arch_deref_entry_point() with dereference_symbol_descriptor() (bsc#1193277).\n- kprobes: treewide: Use \u0027kprobe_opcode_t *\u0027 for the code address in get_optimized_kprobe() (bsc#1193277).\n- kselftest/arm64: bti: force static linking (git-fixes).\n- kunit: tool: Import missing importlib.abc (git-fixes).\n- KVM: arm64: Avoid consuming a stale esr value when SError occur (git-fixes).\n- KVM: arm64: Drop unused workaround_flags vcpu field (git-fixes).\n- KVM: arm64: pkvm: Use the mm_ops indirection for cache maintenance (git-fixes).\n- KVM: arm64: Use shadow SPSR_EL1 when injecting exceptions on !VHE (git-fixes).\n- KVM: Clean up benign vcpu-\u003ecpu data races when kicking vCPUs (git-fixes).\n- KVM: Ensure local memslot copies operate on up-to-date arch-specific data (git-fixes).\n- KVM: fix wrong exception emulation in check_rdtsc (git-fixes).\n- KVM: LAPIC: Drop pending LAPIC timer injection when canceling the timer (git-fixes).\n- KVM: nVMX: Abide to KVM_REQ_TLB_FLUSH_GUEST request on nested vmentry/vmexit (git-fixes).\n- KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault (git-fixes).\n- KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants \u0027em (git-fixes).\n- KVM: nVMX: Emulate guest TLB flush on nested VM-Enter with new vpid12 (git-fixes).\n- KVM: nVMX: Ensure vCPU honors event request if posting nested IRQ fails (git-fixes).\n- KVM: nVMX: Flush current VPID (L1 vs. L2) for KVM_REQ_TLB_FLUSH_GUEST (git-fixes).\n- KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry (git-fixes).\n- KVM: PPC: Fix TCE handling for VFIO (bsc#1061840 git-fixes).\n- KVM: s390: Ensure kvm_arch_no_poll() is read once when blocking vCPU (git-fixes).\n- KVM: s390: pv: add macros for UVC CC values (git-fixes).\n- KVM: s390: pv: avoid stalls when making pages secure (git-fixes).\n- KVM: s390: vsie/gmap: reduce gmap_rmap overhead (git-fixes).\n- KVM: selftests: Do not skip L2\u0027s VMCALL in SMM test for SVM guest (bsc#1194523).\n- KVM: selftests: Re-enable access_tracking_perf_test (bsc#1194526).\n- KVM: SEV: accept signals in sev_lock_two_vms (bsc#1194526).\n- KVM: SEV: do not take kvm-\u003elock when destroying (bsc#1194526).\n- KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary (bsc#1194526).\n- KVM: SEV: Mark nested locking of kvm-\u003elock (bsc#1194526).\n- KVM: SEV: Return appropriate error codes if SEV-ES scratch setup fails (bsc#1194526).\n- KVM: SVM: Allow AVIC support on system w/ physical APIC ID \u003e 255 (bsc#1193823).\n- KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure (bsc#1194526).\n- KVM: SVM: drop unnecessary code in svm_hv_vmcb_dirty_nested_enlightenments() (git-fixes).\n- KVM: SVM: Emulate #INIT in response to triple fault shutdown (git-fixes).\n- KVM: SVM: Fix kvm_cache_regs.h inclusions for is_guest_mode() (git-fixes).\n- KVM: SVM: hyper-v: Enable Enlightened MSR-Bitmap support for real (git-fixes).\n- KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests (git-fixes).\n- KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak (git-fixes).\n- KVM: VMX: Do not unblock vCPU w/ Posted IRQ if IRQs are disabled in guest (git-fixes).\n- KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0() (git-fixes).\n- KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted guest (git-fixes).\n- KVM: VMX: Read Posted Interrupt \u0027control\u0027 exactly once per loop iteration (git-fixes).\n- KVM: VMX: Refresh list of user return MSRs after setting guest CPUID (git-fixes).\n- KVM: VMX: Remove defunct \u0027nr_active_uret_msrs\u0027 field (git-fixes).\n- KVM: VMX: Set failure code in prepare_vmcs02() (git-fixes).\n- KVM: VMX: Skip pointless MSR bitmap update when setting EFER (git-fixes).\n- KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this vCPU (git-fixes).\n- KVM: x86: Assume a 64-bit hypercall for guests with protected state (git-fixes).\n- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (git-fixes).\n- KVM: x86: Do not force set BSP bit when local APIC is managed by userspace (git-fixes).\n- KVM: x86: Do not mark all registers as avail/dirty during RESET/INIT (git-fixes).\n- KVM: x86: do not print when fail to read/write pv eoi memory (git-fixes).\n- KVM: x86: Drop guest CPUID check for host initiated writes to MSR_IA32_PERF_CAPABILITIES (git-fixes).\n- KVM: x86: Drop WARNs that assert a triple fault never \u0027escapes\u0027 from L2 (git-fixes).\n- KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() (git-fixes).\n- KVM: X86: Ensure that dirty PDPTRs are loaded (git-fixes).\n- KVM: x86: Exit to userspace if emulation prepared a completion callback (git-fixes).\n- KVM: x86: Fix emulation in writing cr8 (git-fixes).\n- KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (git-fixes).\n- KVM: x86: Fix uninitialized eoi_exit_bitmap usage in vcpu_load_eoi_exitmap() (git-fixes).\n- KVM: x86: Handle 32-bit wrap of EIP for EMULTYPE_SKIP with flat code seg (git-fixes).\n- KVM: x86: hyper-v: Fix the maximum number of sparse banks for XMM fast TLB flush hypercalls (git-fixes).\n- KVM: x86: Ignore sparse banks size for an \u0027all CPUs\u0027, non-sparse IPI req (git-fixes).\n- KVM: x86: Mark all registers as avail/dirty at vCPU creation (git-fixes).\n- KVM: x86: Migrate the PIT only if vcpu0 is migrated, not any BSP (git-fixes).\n- KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP MMU (git-fixes).\n- KVM: x86/mmu: Complete prefetch for trailing SPTEs for direct, legacy MMU (git-fixes).\n- KVM: x86/mmu: Fix TLB flush range when handling disconnected pt (git-fixes).\n- KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU (git-fixes).\n- KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (git-fixes).\n- KVM: x86/mmu: Pass parameter flush as false in kvm_tdp_mmu_zap_collapsible_sptes() (git-fixes).\n- KVM: x86/mmu: Remove spurious TLB flushes in TDP MMU zap collapsible path (git-fixes).\n- KVM: x86/mmu: Skip tlb flush if it has been done in zap_gfn_range() (git-fixes).\n- KVM: x86/mmu: Update number of zapped pages even if page list is stable (git-fixes).\n- KVM: x86/mmu: Use yield-safe TDP MMU root iter in MMU notifier unmapping (git-fixes).\n- KVM: x86: nSVM: restore the L1 host state prior to resuming nested guest on SMM exit (git-fixes).\n- KVM: x86: nSVM: skip eax alignment check for non-SVM instructions (git-fixes).\n- KVM: x86: nSVM: test eax for 4K alignment for GP errata workaround (git-fixes).\n- KVM: x86: Pend KVM_REQ_APICV_UPDATE during vCPU creation to fix a race (git-fixes).\n- KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register (git-fixes).\n- KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW (git-fixes).\n- KVM: x86: Register Processor Trace interrupt hook iff PT enabled in guest (git-fixes).\n- KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs (git-fixes).\n- KVM: x86: SVM: do not set VMLOAD/VMSAVE intercepts on vCPU reset (git-fixes).\n- KVM: x86: SVM: fix avic spec based definitions again (bsc#1193823 jsc#SLE-24549).\n- KVM: x86: SVM: move avic definitions from AMD\u0027s spec to svm.h (bsc#1193823 jsc#SLE-24549).\n- KVM: X86: Synchronize the shadow pagetable before link it (git-fixes).\n- KVM: x86: Update vCPU\u0027s runtime CPUID on write to MSR_IA32_XSS (git-fixes).\n- KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB flush hypercall (git-fixes).\n- lib: bitmap: fix many kernel-doc warnings (git-fixes).\n- libbpf: Free up resources used by inner map definition (git-fixes).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (git-fixes).\n- libsubcmd: Fix use-after-free for realloc(..., 0) (git-fixes).\n- linux/dim: Fix divide by 0 in RDMA DIM (git-fixes).\n- list: fix a data-race around ep-\u003erdllist (git-fixes).\n- list: introduce list_is_head() helper and re-use it in list.h (git-fixes).\n- list: test: Add a test for list_is_head() (git-fixes).\n- livepatch: Do not block removal of patches that are safe to unload (bsc#1071995).\n- locking: Make owner_on_cpu() into linux/sched.h (bsc#1190137 bsc#1189998).\n- locking: Remove rt_rwlock_is_contended() (bsc#1190137 bsc#1189998).\n- locking/rtmutex: Add rt_mutex_lock_nest_lock() and rt_mutex_lock_killable() (bsc#1190137 bsc#1189998).\n- locking/rtmutex: Squash self-deadlock check for ww_rt_mutex (bsc#1190137 bsc#1189998).\n- locking/rwlocks: introduce write_lock_nested (bsc#1189998).\n- LSM: general protection fault in legacy_parse_param (git-fixes).\n- lz4: fix LZ4_decompress_safe_partial read out of bound (git-fixes).\n- mac80211: fix EAPoL rekey fail in 802.3 rx path (git-fixes).\n- mac80211: fix forwarded mesh frames AC and queue selection (git-fixes).\n- mac80211: fix potential double free on mesh join (git-fixes).\n- mac80211: fix rx reordering with non explicit / psmp ack policy (git-fixes).\n- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mac80211: minstrel_ht: fix where rate stats are stored (fixes debugfs output) (git-fixes).\n- mac80211: mlme: check for null after calling kmemdup (git-fixes).\n- mac80211: refuse aggregations sessions before authorized (git-fixes).\n- mac80211: Remove a couple of obsolete TODO (git-fixes).\n- mac80211: Reset MBSSID parameters upon connection (git-fixes).\n- mac80211: treat some SAE auth steps as final (git-fixes).\n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (git-fixes).\n- macros.kernel-source: Fix conditional expansion. Fixes: bb95fef3cf19 (\u0027rpm: Use bash for %() expansion (jsc#SLE-18234).\u0027)\n- macvlan: Fix leaking skb in source mode with nodst option (git-fixes).\n- mailbox: change mailbox-mpfs compatible string (git-fixes).\n- mailbox: imx: fix crash in resume on i.mx8ulp (git-fixes).\n- mailbox: imx: fix wakeup failure from freeze mode (git-fixes).\n- mailbox: tegra-hsp: Flush whole channel (git-fixes).\n- maple: fix wrong return value of maple_bus_init() (git-fixes).\n- md: Do not set mddev private to NULL in raid0 pers-\u003efree (git-fixes).\n- md: fix an incorrect NULL check in does_sb_need_changing (git-fixes).\n- md: fix an incorrect NULL check in md_reload_sb (git-fixes).\n- md: fix double free of io_acct_set bioset (git-fixes).\n- md: fix update super 1.0 on rdev size change (git-fixes).\n- md: Move alloc/free acct bioset in to personality (git-fixes).\n- md/raid5: play nice with PREEMPT_RT (bsc#1189998).\n- media: aspeed: Correct value for h-total-pixels (git-fixes).\n- media: atmel: atmel-isc-base: report frame sizes as full supported range (git-fixes).\n- media: atmel: atmel-isc: Fix PM disable depth imbalance in atmel_isc_probe (git-fixes).\n- media: atmel: atmel-sama5d2-isc: fix wrong mask in YUYV format check (git-fixes).\n- media: atmel: atmel-sama7g5-isc: fix ispck leftover (git-fixes).\n- media: atomisp: fix bad usage at error handling logic (git-fixes).\n- media: atomisp: fix dummy_ptr check to avoid duplicate active_bo (git-fixes).\n- media: atomisp_gmin_platform: Add DMI quirk to not turn AXP ELDO2 regulator off on some boards (git-fixes).\n- media: bttv: fix WARNING regression on tunerless devices (git-fixes).\n- media: camss: csid-170: do not enable unused irqs (git-fixes).\n- media: camss: csid-170: fix non-10bit formats (git-fixes).\n- media: camss: csid-170: remove stray comment (git-fixes).\n- media: camss: csid-170: set the right HALT_CMD when disabled (git-fixes).\n- media: camss: vfe-170: fix \u0027VFE halt timeout\u0027 error (git-fixes).\n- media: ccs-core.c: fix failure to call clk_disable_unprepare (git-fixes).\n- media: cec-adap.c: fix is_configuring state (git-fixes).\n- media: cedrus: h264: Fix neighbour info buffer size (git-fixes).\n- media: cedrus: H265: Fix neighbour info buffer size (git-fixes).\n- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).\n- media: cx25821: Fix the warning when removing the module (git-fixes).\n- media: cx88-mpeg: clear interrupt status register before streaming video (git-fixes).\n- media: davinci: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM enable (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).\n- media: davinci: vpif: fix use-after-free on driver unbind (git-fixes).\n- media: doc: pixfmt-rgb: Fix V4L2_PIX_FMT_BGR24 format description (git-fixes).\n- media: doc: pixfmt-yuv: Fix V4L2-PIX-FMT-Y10P format (git-fixes).\n- media: em28xx: initialize refcount before kref_get (git-fixes).\n- media: gpio-ir-tx: fix transmit with long spaces on Orange Pi PC (git-fixes).\n- media: hantro: Empty encoder capture buffers by default (git-fixes).\n- media: hantro: Fix overfill bottom register field name (git-fixes).\n- media: hantro: HEVC: Fix tile info buffer value computation (git-fixes).\n- media: hantro: HEVC: unconditionnaly set pps_{cb/cr}_qp_offset values (git-fixes).\n- media: hdpvr: initialize dev-\u003eworker at hdpvr_register_videodev (git-fixes).\n- media: i2c: max9286: fix kernel oops when removing module (git-fixes).\n- media: i2c: max9286: Use dev_err_probe() helper (git-fixes).\n- media: i2c: max9286: Use \u0027maxim,gpio-poc\u0027 property (git-fixes).\n- media: i2c: ov5648: Fix lockdep error (git-fixes).\n- media: i2c: ov5648: fix wrong pointer passed to IS_ERR() and PTR_ERR() (git-fixes).\n- media: i2c: rdacm2x: properly set subdev entity function (git-fixes).\n- media: imon: reorganize serialization (git-fixes).\n- media: imx-jpeg: fix a bug of accessing array out of bounds (git-fixes).\n- media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers (git-fixes).\n- media: iommu/mediatek: Add device_link between the consumer and the larb devices (git-fixes).\n- media: iommu/mediatek: Return ENODEV if the device is NULL (git-fixes).\n- media: iommu/mediatek-v1: Free the existed fwspec if the master dev already has (git-fixes).\n- media: ir_toy: free before error exiting (git-fixes).\n- media: media-entity.h: Fix documentation for media_create_intf_link (git-fixes).\n- media: mexon-ge2d: fixup frames size in registers (git-fixes).\n- media: mtk-vcodec: potential dereference of null pointer (git-fixes).\n- media: omap3isp: Use struct_group() for memcpy() region (git-fixes).\n- media: ov5640: Fix set format, v4l2_mbus_pixelcode not updated (git-fixes).\n- media: ov5648: Do not pack controls struct (git-fixes).\n- media: ov6650: Add try support to selection API operations (git-fixes).\n- media: ov6650: Fix crop rectangle affected by set format (git-fixes).\n- media: ov6650: Fix set format try processing path (git-fixes).\n- media: ov7670: remove ov7670_power_off from ov7670_remove (git-fixes).\n- media: pci: cx23885: Fix the error handling in cx23885_initdev() (git-fixes).\n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (git-fixes).\n- media: Revert \u0027media: em28xx: add missing em28xx_close_extension\u0027 (git-fixes).\n- media: rga: fix possible memory leak in rga_probe (git-fixes).\n- media: rkvdec: h264: Fix bit depth wrap in pps packet (git-fixes).\n- media: rkvdec: h264: Fix dpb_valid implementation (git-fixes).\n- media: rkvdec: Stop overclocking the decoder (git-fixes).\n- media: rockchip/rga: do proper error checking in probe (git-fixes).\n- media: saa7134: fix incorrect use to determine if list is empty (git-fixes).\n- media: staging: media: imx: imx7-mipi-csis: Make subdev name unique (git-fixes).\n- media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).\n- media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com (git-fixes).\n- media: staging: media: zoran: fix usage of vb2_dma_contig_set_max_seg_size (git-fixes).\n- media: staging: media: zoran: fix various V4L2 compliance errors (git-fixes).\n- media: staging: media: zoran: move videodev alloc (git-fixes).\n- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).\n- media: ti-vpe: cal: Fix a NULL pointer dereference in cal_ctx_v4l2_init_formats() (git-fixes).\n- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).\n- media: uvcvideo: Fix missing check to determine if element is found in list (git-fixes).\n- media: v4l2-core: Initialize h264 scaling matrix (git-fixes).\n- media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls (git-fixes).\n- media: v4l: Avoid unaligned access warnings when printing 4cc modifiers (git-fixes).\n- media: venus: hfi: avoid null dereference in deinit (git-fixes).\n- media: venus: hfi_cmds: List HDR10 property as unsupported for v1 and v3 (git-fixes).\n- media: videobuf2: Fix the size printk format (git-fixes).\n- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).\n- media: vidtv: Check for null return of vzalloc (git-fixes).\n- mei: avoid iterator usage outside of list_for_each_entry (git-fixes).\n- mei: hbm: drop capability response on early shutdown (git-fixes).\n- mei: me: add Alder Lake N device id (git-fixes).\n- mei: me: add raptor lake point S DID (git-fixes).\n- mei: me: disable driver on the ign firmware (git-fixes).\n- memblock: fix memblock_phys_alloc() section mismatch error (git-fixes).\n- memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe (git-fixes).\n- memory: emif: Add check for setup_interrupts (git-fixes).\n- memory: emif: check the pointer temp in get_device_details() (git-fixes).\n- memory: fsl_ifc: populate child nodes of buses and mfd devices (git-fixes).\n- memory: mtk-smi: Add error handle for smi_probe (git-fixes).\n- memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode (git-fixes).\n- memory: renesas-rpc-if: fix platform-device leak in error path (git-fixes).\n- memory: samsung: exynos5422-dmc: Avoid some over memory allocation (git-fixes).\n- memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings (git-fixes).\n- mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (git-fixes).\n- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (git-fixes).\n- mfd: exynos-lpass: Drop unneeded syscon.h include (git-fixes).\n- mfd: ipaq-micro: Fix error check return value of platform_get_irq() (git-fixes).\n- mfd: mc13xxx: Add check for mc13xxx_irq_request (git-fixes).\n- mgag200 fix memmapsl configuration in GCTL6 register (git-fixes).\n- misc: alcor_pci: Fix an error handling path (git-fixes).\n- misc: atmel-ssc: Fix IRQ check in ssc_probe (git-fixes).\n- misc: fastrpc: avoid double fput() on failed usercopy (git-fixes).\n- misc: fastrpc: fix an incorrect NULL check on list iterator (git-fixes).\n- misc: ocxl: fix possible double free in ocxl_file_register_afu (git-fixes).\n- misc: rtsx: set NULL intfdata when probe fails (git-fixes).\n- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).\n- mISDN: Fix memory leak in dsp_pipeline_build() (git-fixes).\n- mlx5: kabi protect lag_mp (git-fixes).\n- mlxsw: spectrum: Protect driver from buggy firmware (git-fixes).\n- mm: Add fault_in_subpage_writeable() to probe at sub-page granularity (git-fixes)\n- mmc: block: Check for errors after write on SPI (git-fixes).\n- mmc: block: fix read single on recovery logic (git-fixes).\n- mmc: core: Allows to override the timeout value for ioctl() path (git-fixes).\n- mmc: core: Fixup support for writeback-cache for eMMC and SD (git-fixes).\n- mmc: core: Set HS clock speed before sending HS CMD13 (git-fixes).\n- mmc: core: Wait for command setting \u0027Power Off Notification\u0027 bit to complete (git-fixes).\n- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).\n- mm: Change CONFIG option for mm-\u003epasid field (jsc#SLE-24350).\n- mmc: host: Return an error when -\u003eenable_sdio_irq() ops is missing (git-fixes).\n- mmc: jz4740: Apply DMA engine limits to maximum segment size (git-fixes).\n- mm/cma: provide option to opt out from exposing pages on activation failure (bsc#1195099 ltc#196102).\n- mmc: mediatek: wait dma stop bit reset to 0 (git-fixes).\n- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).\n- mmc: mmci: stm32: correctly check all elements of sg list (git-fixes).\n- mmc: renesas_sdhi: do not overwrite TAP settings when HS400 tuning is complete (git-fixes).\n- mmc: rtsx: add 74 Clocks in power on flow (git-fixes).\n- mmc: rtsx: Fix build errors/warnings for unused variable (git-fixes).\n- mmc: rtsx: Let MMC core handle runtime PM (git-fixes).\n- mmc: rtsx: Use pm_runtime_{get,put}() to handle runtime PM (git-fixes).\n- mmc: sdhci_am654: Fix the driver data of AM64 SoC (git-fixes).\n- mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC (git-fixes).\n- mmc: sdhci-of-esdhc: Check for error num after setting mask (git-fixes).\n- mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing (git-fixes).\n- mmc: sunxi-mmc: Fix DMA descriptors allocated above 32 bits (git-fixes).\n- mm: fs: fix lru_cache_disabled race in bh_lru (bsc#1197761).\n- mm: Fully initialize invalidate_lock, amend lock class later (bsc#1197921).\n- mm: memcg: synchronize objcg lists with a dedicated spinlock (bsc#1198402).\n- mm/page_alloc: always attempt to allocate at least one page during bulk allocation (git fixes (mm/pgalloc)).\n- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).\n- mm, page_alloc: fix build_zonerefs_node() (git-fixes).\n- mm/scatterlist: replace the !preemptible warning in sg_miter_stop() (bsc#1189998).\n- mm/slub: add missing TID updates on slab deactivation (git-fixes).\n- mm, thp: fix incorrect unmap behavior for private pages (bsc#1198024).\n- mm, thp: lock filemap when truncating page cache (bsc#1198023).\n- mm/vmalloc: fix comments about vmap_area struct (git-fixes).\n- mm_zone: add function to check if managed dma zone exists (bsc#1197501).\n- modpost: fix removing numeric suffixes (git-fixes).\n- modpost: fix section mismatch check for exported init/exit sections (git-fixes).\n- modpost: fix undefined behavior of is_arm_mapping_symbol() (git-fixes).\n- modpost: restore the warning message for missing symbol versions (git-fixes).\n- Move upstreamed ALSA fix into sorted section\n- Move upstreamed x86 patches into sorted section\n- mptcp: add missing documented NL params (git-fixes).\n- mt76: connac: fix sta_rec_wtbl tag len (git-fixes).\n- mt76: dma: initialize skip_unmap in mt76_dma_rx_fill (git-fixes).\n- mt76: do not attempt to reorder received 802.3 packets without agg session (git-fixes).\n- mt76: fix encap offload ethernet type check (git-fixes).\n- mt76: fix monitor mode crash with sdio driver (git-fixes).\n- mt76: Fix undefined behavior due to shift overflowing the constant (git-fixes).\n- mt76: mt7603: check sta_rates pointer in mt7603_sta_rate_tbl_update (git-fixes).\n- mt76: mt7615: check sta_rates pointer in mt7615_sta_rate_tbl_update (git-fixes).\n- mt76: mt7615: fix a leftover race in runtime-pm (git-fixes).\n- mt76: mt7615: Fix assigning negative values to unsigned variable (git-fixes).\n- mt76: mt7915: fix injected MPDU transmission to not use HW A-MSDU (git-fixes).\n- mt76: mt7915: use proper aid value in mt7915_mcu_sta_basic_tlv (git-fixes).\n- mt76: mt7915: use proper aid value in mt7915_mcu_wtbl_generic_tlv in sta mode (git-fixes).\n- mt76: mt7921: accept rx frames with non-standard VHT MCS10-11 (git-fixes).\n- mt76: mt7921e: fix possible probe failure after reboot (bsc#1198835).\n- mt76: mt7921: fix a leftover race in runtime-pm (git-fixes).\n- mt76: mt7921: fix crash when startup fails (git-fixes).\n- mt76: mt7921: fix mt7921_queues_acq implementation (git-fixes).\n- mt76: mt7921: Fix the error handling path of mt7921_pci_probe() (git-fixes).\n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (git-fixes).\n- mtd: mchp23k256: Add SPI ID table (git-fixes).\n- mtd: mchp48l640: Add SPI ID table (git-fixes).\n- mtd: onenand: Check for error irq (git-fixes).\n- mtd: parsers: qcom: Fix kernel panic on skipped partition (git-fixes).\n- mtd: parsers: qcom: Fix missing free for pparts in cleanup (git-fixes).\n- mtd: phram: Prevent divide by zero bug in phram_setup() (git-fixes).\n- mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (git-fixes).\n- mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status (git-fixes).\n- mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() (git-fixes).\n- mtd: rawnand: denali: Use managed device resources (git-fixes).\n- mtd: rawnand: fix ecc parameters for mt7622 (git-fixes).\n- mtd: rawnand: Fix return value check of wait_for_completion_timeout (git-fixes).\n- mtd: rawnand: gpmi: do not leak PM reference in error path (git-fixes).\n- mtd: rawnand: gpmi: fix controller timings setting (git-fixes).\n- mtd: rawnand: gpmi: Fix setting busy timeout setting (git-fixes).\n- mtd: rawnand: ingenic: Fix missing put_device in ingenic_ecc_get (git-fixes).\n- mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() (git-fixes).\n- mtd: rawnand: pl353: Set the nand chip node as the flash node (git-fixes).\n- mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() (git-fixes).\n- mtd: rawnand: qcom: fix memory corruption that causes panic (git-fixes).\n- mtd: spinand: gigadevice: fix Quad IO for GD5F1GQ5UExxG (git-fixes).\n- mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check() (git-fixes).\n- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (git-fixes).\n- n64cart: convert bi_disk to bi_bdev-\u003ebd_disk fix build (git-fixes).\n- natsemi: sonic: stop calling netdev_boot_setup_check (git-fixes).\n- net: asix: add proper error handling of usb read errors (git-fixes).\n- net: atlantic: Avoid out-of-bounds indexing (git-fixes).\n- net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg (git-fixes).\n- net: axienet: setup mdio unconditionally (git-fixes).\n- net: bnxt_ptp: fix compilation error (bsc#1199736).\n- net: dev: Always serialize on Qdisc::busylock in __dev_xmit_skb() on PREEMPT_RT (bsc#1189998).\n- net: dev: Change the order of the arguments for the contended condition (bsc#1189998).\n- net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove (git-fixes).\n- net: ethernet: lantiq_etop: fix build errors/warnings (git-fixes).\n- net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init() (git-fixes).\n- net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag (git-fixes).\n- net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (git-fixes).\n- net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks (git-fixes).\n- netfilter: conntrack: move synack init code to helper (bsc#1199035).\n- netfilter: conntrack: re-init state for retransmitted syn-ack (bsc#1199035).\n- netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options (bsc#1199035).\n- netfilter: nf_conntrack_tcp: re-init for syn packets only (bsc#1199035).\n- net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() (git-fixes).\n- net: hns3: add NULL pointer check for hns3_set/get_ringparam() (git-fixes).\n- net: hns3: add return value for mailbox handling in PF (bsc#1190336).\n- net: hns3: add validity check for message data length (git-fixes).\n- net: hns3: add vlan list lock to protect vlan list (git-fixes).\n- net: hns3: align the debugfs output to the left (git-fixes).\n- net: hns3: clear inited state and stop client after failed to register netdev (git-fixes).\n- net: hns3: fix bug when PF set the duplicate MAC address for VFs (git-fixes).\n- net: hns3: fix phy can not link up when autoneg off and reset (git-fixes).\n- net: hns3: fix port base vlan add fail when concurrent with reset (git-fixes).\n- net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware (git-fixes).\n- net: hns3: handle empty unknown interrupt for VF (git-fixes).\n- net: hns3: modify the return code of hclge_get_ring_chain_from_mbx (git-fixes).\n- net: hns3: refine the process when PF set VF VLAN (git-fixes).\n- net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes).\n- net/ice: Add support for enable_iwarp and enable_roce devlink param (bsc#1200502).\n- net/ice: Fix boolean assignment (bsc#1200502).\n- net/ice: Remove unused enum (bsc#1200502).\n- net: ipa: disable HOLB drop when updating timer (git-fixes).\n- net: ipa: HOLB register sometimes must be written twice (git-fixes).\n- net/ipa: ipa_resource: Fix wrong for loop range (git-fixes).\n- net: ipv6: unexport __init-annotated seg6_hmac_init() (bsc#1201218).\n- net: ipv6: unexport __init-annotated seg6_hmac_net_init() (bsc#1201218).\n- net: macb: Align the dma and coherent dma masks (git-fixes).\n- net: mana: Add counter for packet dropped by XDP (bsc#1195651).\n- net: mana: Add counter for XDP_TX (bsc#1195651).\n- net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).\n- net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe() (bsc#1195651).\n- net: mana: Reuse XDP dropped page (bsc#1195651).\n- net: mana: Use struct_size() helper in mana_gd_create_dma_region() (bsc#1195651).\n- net: marvell: mvpp2: increase MTU limit when XDP enabled (git-fixes).\n- net: marvell: prestera: fix double free issue on err path (git-fixes).\n- net: mdio: do not defer probe forever if PHY IRQ provider is missing (git-fixes).\n- net: mdio: unexport __init-annotated mdio_bus_init() (bsc#1201218).\n- net/mlx5: Avoid double clear or set of sync reset requested (git-fixes).\n- net/mlx5: Bridge, ensure dev_name is null-terminated (git-fixes).\n- net/mlx5: Bridge, Fix devlink deadlock on net namespace deletion (git-fixes).\n- net/mlx5: Bridge, take rtnl lock in init error handler (git-fixes).\n- net/mlx5: DR, Cache STE shadow memory (git-fixes).\n- net/mlx5: DR, Do not allow match on IP w/o matching on full ethertype/ip_version (git-fixes).\n- net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte (jsc#SLE-19253).\n- net/mlx5: DR, Fix the threshold that defines when pool sync is initiated (git-fixes).\n- net/mlx5e: Add missing increment of count (jsc#SLE-19253).\n- net/mlx5e: Avoid field-overflowing memcpy() (git-fixes).\n- net/mlx5e: Avoid implicit modify hdr for decap drop rule (jsc#SLE-19253).\n- net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release (git-fixes).\n- net/mlx5e: Do not treat small ceil values as unlimited in HTB offload (git-fixes).\n- net/mlx5e: Fix broken SKB allocation in HW-GRO (jsc#SLE-19253).\n- net/mlx5e: Fix handling of wrong devices during bond netevent (git-fixes).\n- net/mlx5e: Fix module EEPROM query (git-fixes).\n- net/mlx5e: Fix the calling of update_buffer_lossy() API (git-fixes).\n- net/mlx5e: Fix trust state reset in reload (git-fixes).\n- net/mlx5e: Fix wrong calculation of header index in HW_GRO (jsc#SLE-19253).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: Fix wrong source vport matching on tunnel rule (jsc#SLE-19253).\n- net/mlx5e: IPsec: Fix crypto offload for non TCP/UDP encapsulated traffic (git-fixes).\n- net/mlx5e: IPsec: Fix tunnel mode crypto offload for non TCP/UDP traffic (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (git-fixes).\n- net/mlx5e: Lag, Do not skip fib events on current dst (git-fixes).\n- net/mlx5e: Lag, Fix fib_info pointer assignment (git-fixes).\n- net/mlx5e: Lag, Fix use-after-free in fib event handler (git-fixes).\n- net/mlx5e: Lag, Only handle events from highest priority multipath entry (git-fixes).\n- net/mlx5e: MPLSoUDP decap, fix check for unsupported matches (git-fixes).\n- net/mlx5e: SHAMPO, reduce TIR indication (jsc#SLE-19253).\n- net/mlx5: E-Switch, Fix uninitialized variable modact (git-fixes).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5e: Use struct_group() for memcpy() region (git-fixes).\n- net/mlx5: Fix a race on command flush flow (git-fixes).\n- net/mlx5: Fix deadlock in sync reset flow (git-fixes).\n- net/mlx5: Fix matching on inner TTC (jsc#SLE-19253).\n- net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE (jsc#SLE-19253).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix size field in bufferx_reg struct (git-fixes).\n- net/mlx5: Fix slab-out-of-bounds while reading resource dump menu (git-fixes).\n- net/mlx5: Fix tc max supported prio for nic mode (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5: Use del_timer_sync in fw reset flow of halting poll (git-fixes).\n- net: mvmdio: fix compilation warning (git-fixes).\n- net: netvsc: remove break after return (git-fixes).\n- net: phy: ax88772a: fix lost pause advertisement configuration (git-fixes).\n- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).\n- net: phy: correct spelling error of media in documentation (git-fixes).\n- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).\n- net: phy: dp83867: retrigger SGMII AN when link change (git-fixes).\n- net: phy: Fix race condition on link status change (git-fixes).\n- net: phy: marvell10g: fix return value on error (git-fixes).\n- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).\n- net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs (git-fixes).\n- net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs (git-fixes).\n- net: phy: mediatek: remove PHY mode check on MT7531 (git-fixes).\n- net: phy: meson-gxl: fix interrupt handling in forced mode (git-fixes).\n- net: phy: meson-gxl: improve link-up behavior (git-fixes).\n- net: phy: micrel: Allow probing without .driver_data (git-fixes).\n- net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (git-fixes).\n- net: phy: micrel: Pass .probe for KS8737 (git-fixes).\n- net: phy: mscc: Add MODULE_FIRMWARE macros (git-fixes).\n- net: phy: mscc-miim: reject clause 45 register accesses (git-fixes).\n- net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (git-fixes).\n- net: rose: fix UAF bugs caused by timer handler (git-fixes).\n- net: sfc: add missing xdp queue reinitialization (git-fixes).\n- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (git-fixes).\n- net: sfc: fix memory leak due to ptp channel (git-fixes).\n- net: sfc: fix using uninitialized xdp tx_queue (git-fixes).\n- net/smc: Avoid warning of possible recursive locking (git-fixes).\n- net/smc: fix connection leak (git-fixes).\n- net/smc: fixes for converting from \u0027struct smc_cdc_tx_pend **\u0027 to \u0027struct smc_wr_tx_pend_priv *\u0027 (git-fixes).\n- net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (git-fixes).\n- net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server (git-fixes).\n- net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client (git-fixes).\n- net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (git-fixes).\n- net/smc: postpone sk_refcnt increment in connect() (git-fixes).\n- net/smc: remove redundant re-assignment of pointer link (git-fixes).\n- net/smc: Remove unused function declaration (git-fixes).\n- net/smc: Reset conn-\u003elgr when link group registration fails (git-fixes).\n- net/smc: set ini-\u003esmcrv2.ib_dev_v2 to NULL if SMC-Rv2 is unavailable (git-fixes).\n- net/smc: sync err code when tcp connection was refused (git-fixes).\n- net/smc: Transfer remaining wait queue entries during fallback (git-fixes).\n- net/smc: Transitional solution for clcsock race issue (git-fixes).\n- net/smc: Use a mutex for locking \u0027struct smc_pnettable\u0027 (git-fixes).\n- net/smc: use memcpy instead of snprintf to avoid out of bounds read (git-fixes).\n- net: stmmac: fix gcc-10 -Wrestrict warning (git-fixes).\n- net: stmmac: Fix signed/unsigned wreckage (git-fixes).\n- net: stmmac: socfpga: add runtime suspend/resume callback for stratix10 platform (git-fixes).\n- net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (git-fixes).\n- net: usb: asix: do not force pause frames support (git-fixes).\n- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (git-fixes).\n- net: usb: ax88179_178a: Fix packet receiving (git-fixes).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).\n- Netvsc: Call hv_unmap_memory() in the netvsc_device_remove() (bsc#1183682).\n- net/x25: Fix null-ptr-deref caused by x25_disconnect (git-fixes).\n- net: xfrm: unexport __init-annotated xfrm4_protocol_init() (bsc#1201218).\n- nfc: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx (git-fixes).\n- nfc: nci: add flush_workqueue to prevent uaf (git-fixes).\n- nfc: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (git-fixes).\n- nfc: netlink: fix sleep in atomic bug when firmware download timeout (git-fixes).\n- nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (git-fixes).\n- nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (git-fixes).\n- nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (git-fixes).\n- nfc: NULL out the dev-\u003erfkill to prevent UAF (git-fixes).\n- NFC: nxp-nci: Do not issue a zero length i2c_master_read() (git-fixes).\n- nfc: pn533: Fix buggy cleanup order (git-fixes).\n- nfc: port100: fix use-after-free in port100_send_complete (git-fixes).\n- nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION (git-fixes).\n- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (git-fixes).\n- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (git-fixes).\n- nfp: checking parameter process for rx-usecs/tx-usecs is invalid (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nfp: flower: fix ida_idx not being released (git-fixes).\n- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).\n- NFSD: allow delegation state ids to be revoked and then freed (bsc#1192483).\n- NFSD: allow lock state ids to be revoked and then freed (bsc#1192483).\n- NFSD: allow open state ids to be revoked and then freed (bsc#1192483).\n- nfsd: destroy percpu stats counters after reply cache shutdown (git-fixes).\n- NFSD: do not admin-revoke NSv4.0 state ids (bsc#1192483).\n- NFSD: Fix a write performance regression (bsc#1197016).\n- NFSD: fix crash on COPY_NOTIFY with special stateid (git-fixes).\n- NFSD: Fix nsfd startup race (again) (git-fixes).\n- nfsd: Fix null-ptr-deref in nfsd_fill_super() (git-fixes).\n- NFSD: Fix READDIR buffer overflow (git-fixes).\n- NFSD: Fix the behavior of READ near OFFSET_MAX (bsc#1195957).\n- NFSD: Fix verifier returned in stable WRITEs (git-fixes).\n- NFSD: Fix zero-length NFSv3 WRITEs (git-fixes).\n- NFSD: more robust allocation failure handling in nfsd_file_cache_init (git-fixes).\n- NFSD: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).\n- NFS: Do not loop forever in nfs_do_recoalesce() (git-fixes).\n- NFS: Do not overfill uncached readdir pages (git-fixes).\n- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (git-fixes).\n- NFS: Do not report ENOSPC write errors twice (git-fixes).\n- NFS: Do not report errors from nfs_pageio_complete() more than once (git-fixes).\n- NFS: Do not report flush errors in nfs_write_end() (git-fixes).\n- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).\n- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).\n- NFS: do not store \u0027struct cred *\u0027 in struct nfs_access_entry (git-fixes).\n- NFSD: prepare for supporting admin-revocation of state (bsc#1192483).\n- NFSD: Replace use of rwsem with errseq_t (bsc#1196960).\n- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).\n- NFS: Ensure the server had an up to date ctime before renaming (git-fixes).\n- NFS: fix broken handling of the softreval mount option (git-fixes).\n- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).\n- NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (git-fixes).\n- NFS: Further fixes to the writeback error handling (git-fixes).\n- NFS: limit use of ACCESS cache for negative responses (bsc#1196570).\n- NFS: Memory allocation failures are not server fatal errors (git-fixes).\n- NFS: NFSv2/v3 clients should never be setting NFS_CAP_XATTR (git-fixes).\n- NFS: pass cred explicitly for access tests (git-fixes).\n- NFS: Remove an incorrect revalidation in nfs4_update_changeattr_locked() (git-fixes).\n- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).\n- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).\n- NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).\n- NFSv4.1 mark qualified async operations as MOVEABLE tasks (git-fixes).\n- NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).\n- NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).\n- NFSv4: Do not invalidate inode attributes on delegation return (git-fixes).\n- NFSv4: Fix another issue with a list iterator pointing to the head (git-fixes).\n- NFSv4: fix open failure with O_ACCMODE flag (git-fixes).\n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes).\n- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (git-fixes).\n- nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size (git-fixes).\n- nl80211: fix locking in nl80211_set_tx_bitrate_mask() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- nl80211: show SSID for P2P_GO interfaces (git-fixes).\n- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).\n- nl80211: validate S1G channel width (git-fixes).\n- ntb_hw_switchtec: Fix bug with more than 32 partitions (git-fixes).\n- ntb_hw_switchtec: Fix pff ioread to read into mmio_part_cfg_all (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- n_tty: wake up poll(POLLRDNORM) on receiving data (git-fixes).\n- nvme: add verbose error logging (bsc#1200567). Update config files.\n- nvme: also mark passthrough-only namespaces ready in nvme_update_ns_info (git-fixes).\n- nvme: do not return an error from nvme_configure_metadata (git-fixes).\n- nvme: expose cntrltype and dctype through sysfs (jsc#SLE-23643).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme: send uevent on connection up (jsc#SLE-23643).\n- objtool: Add frame-pointer-specific function ignore (bsc#1193277).\n- objtool: Fix code relocs vs weak symbols (git-fixes).\n- objtool: Fix type of reloc::addend (git-fixes).\n- objtool: Ignore unwind hints for ignored functions (bsc#1193277).\n- ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).\n- of: base: Fix phandle argument length mismatch error message (git-fixes).\n- of: base: Improve argument length mismatch error (git-fixes).\n- of/fdt: Do not worry about non-memory region overlap for no-map (git-fixes).\n- of: overlay: do not break notify on NOTIFY_{OK|STOP} (git-fixes).\n- of: Support more than one crash kernel regions for kexec -s (git-fixes).\n- of: unittest: 64 bit dma address test requires arch support (git-fixes).\n- of: unittest: fix warning on PowerPC frame size warning (git-fixes).\n- of: unittest: update text of expected warnings (git-fixes).\n- pahole 1.22 required for full BTF features. also recommend pahole for kernel-source to make the kernel buildable with standard config\n- PCI: aardvark: Add support for DEVCAP2, DEVCTL2, LNKCAP2 and LNKCTL2 registers on emulated bridge (git-fixes).\n- PCI: aardvark: Add support for ERR interrupt on emulated bridge (git-fixes).\n- PCI: aardvark: Add support for masking MSI interrupts (git-fixes).\n- PCI: aardvark: Add support for PME interrupts (git-fixes).\n- PCI: aardvark: Assert PERST# when unbinding driver (git-fixes).\n- PCI: aardvark: Clear all MSIs at setup (git-fixes).\n- PCI: aardvark: Comment actions in driver remove method (git-fixes).\n- PCI: aardvark: Disable bus mastering when unbinding driver (git-fixes).\n- PCI: aardvark: Disable common PHY when unbinding driver (git-fixes).\n- PCI: aardvark: Disable link training when unbinding driver (git-fixes).\n- PCI: aardvark: Do not mask irq when mapping (git-fixes).\n- PCI: aardvark: Drop __maybe_unused from advk_pcie_disable_phy() (git-fixes).\n- PCI: aardvark: Enable MSI-X support (git-fixes).\n- PCI: aardvark: Fix memory leak in driver unbind (git-fixes).\n- PCI: aardvark: Fix reading MSI interrupt number (git-fixes).\n- PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge (git-fixes).\n- PCI: aardvark: Fix setting MSI address (git-fixes).\n- PCI: aardvark: Fix support for MSI interrupts (git-fixes).\n- PCI: aardvark: Fix support for PME requester on emulated bridge (git-fixes).\n- PCI: aardvark: Make msi_domain_info structure a static driver structure (git-fixes).\n- PCI: aardvark: Make MSI irq_chip structures static driver structures (git-fixes).\n- PCI: aardvark: Mask all interrupts when unbinding driver (git-fixes).\n- PCI: aardvark: Optimize writing PCI_EXP_RTCTL_PMEIE and PCI_EXP_RTSTA_PME on emulated bridge (git-fixes).\n- PCI: aardvark: Refactor unmasking summary MSI interrupt (git-fixes).\n- PCI: aardvark: Remove irq_mask_ack() callback for INTx interrupts (git-fixes).\n- PCI: aardvark: Replace custom PCIE_CORE_INT_* macros with PCI_INTERRUPT_* (git-fixes).\n- PCI: aardvark: Rewrite IRQ code to chained IRQ handler (git-fixes).\n- PCI: aardvark: Update comment about link going down after link-up (git-fixes).\n- PCI: aardvark: Use dev_fwnode() instead of of_node_to_fwnode(dev-\u003eof_node) (git-fixes).\n- PCI: aardvark: Use separate INTA interrupt for emulated root bridge (git-fixes).\n- PCI/ACPI: Allow D3 only if Root Port can signal and wake from D3 (git-fixes).\n- PCI: Add ACS quirk for Pericom PI7C9X2G switches (bsc#1199390).\n- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).\n- PCI: Avoid broken MSI on SB600 USB devices (git-fixes).\n- PCI: cadence: Fix find_first_zero_bit() limit (git-fixes).\n- PCI: dwc: Fix setting error return on MSI DMA mapping failure (git-fixes).\n- PCI: endpoint: Fix alignment fault error in copy tests (git-fixes).\n- PCI: endpoint: Fix misused goto label (git-fixes).\n- PCI: fu740: Force 2.5GT/s for initial device probe (git-fixes).\n- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314).\n- PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).\n- PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).\n- PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).\n- PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology (git-fixes).\n- PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845).\n- PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (git-fixes).\n- PCI: imx6: Fix PERST# start-up sequence (git-fixes).\n- PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken (git-fixes).\n- PCI: microchip: Fix potential race in interrupt handling (git-fixes).\n- PCI: mvebu: Fix configuring secondary bus of PCIe Root Port via emulated bridge (git-fixes).\n- PCI: mvebu: Fix device enumeration regression (git-fixes).\n- PCI: mvebu: Fix support for bus mastering and PCI_COMMAND on emulated bridge (git-fixes).\n- PCI: mvebu: Fix support for PCI_BRIDGE_CTL_BUS_RESET on emulated bridge (git-fixes).\n- PCI: mvebu: Setup PCIe controller to Root Complex mode (git-fixes).\n- PCI: pci-bridge-emul: Add definitions for missing capabilities registers (git-fixes).\n- PCI: pci-bridge-emul: Add description for class_revision field (git-fixes).\n- PCI: pciehp: Add Qualcomm quirk for Command Completed erratum (git-fixes).\n- PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).\n- PCI/PM: Power up all devices during runtime resume (git-fixes).\n- PCI: qcom: Fix runtime PM imbalance on probe errors (git-fixes).\n- PCI: qcom: Fix unbalanced PHY init on probe errors (git-fixes).\n- PCI: rockchip: Fix find_first_zero_bit() limit (git-fixes).\n- PCI/switchtec: Add Gen4 automotive device IDs (git-fixes).\n- PCI: Work around Intel I210 ROM BAR overlap defect (git-fixes).\n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (git-fixes).\n- perf: Copy perf_event_attr::sig_data on modification (git fixes).\n- perf/core: Do not pass task around when ctx sched in (git-fixes).\n- perf/core: Fix address filter parser for multiple filters (git fixes).\n- perf/core: Fix cgroup event list management (git fixes).\n- perf/core: Fix perf_cgroup_switch() (git fixes).\n- perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled (git fixes).\n- perf: Fix list corruption in perf_cgroup_switch() (git fixes).\n- perf/x86/intel/pt: Fix address filter config for 32-bit kernel (git fixes).\n- perf/x86/intel/pt: Fix crash with stop filters in single-range mode (git fixes).\n- perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (bsc#1197304).\n- perf/x86/intel: Update the FRONTEND MSR mask on Sapphire Rapids (git fixes).\n- phy: amlogic: fix error path in phy_g12a_usb3_pcie_probe() (git-fixes).\n- phy: amlogic: meson8b-usb2: fix shared reset control use (git-fixes).\n- phy: amlogic: meson8b-usb2: Use dev_err_probe() (git-fixes).\n- phy: amlogic: phy-meson-gxl-usb2: fix shared reset controller use (git-fixes).\n- phy: aquantia: Fix AN when higher speeds than 1G are not advertised (git-fixes).\n- phy: broadcom: Kconfig: Fix PHY_BRCM_USB config option (git-fixes).\n- phy: dphy: Correct clk_pre parameter (git-fixes).\n- phy: dphy: Correct lpx parameter and its derivatives(ta_{get,go,sure}) (git-fixes).\n- phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe (git-fixes).\n- phy: phy-brcm-usb: fixup BCM4908 support (git-fixes).\n- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (git-fixes).\n- phy: qcom-qmp: fix reset-controller leak on probe errors (git-fixes).\n- phy: qcom-qmp: fix struct clk leak on probe errors (git-fixes).\n- phy: samsung: exynos5250-sata: fix missing device put in probe error paths (git-fixes).\n- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe (git-fixes).\n- phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() (git-fixes).\n- phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe (git-fixes).\n- phy: ti: Fix missing sentinel for clk_div_table (git-fixes).\n- phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks (git-fixes).\n- phy: usb: Leave some clocks running during suspend (git-fixes).\n- phy: xilinx: zynqmp: Fix bus width setting for SGMII (git-fixes).\n- pinctrl: bcm2835: Fix a few error paths (git-fixes).\n- pinctrl: bcm63xx: fix unmet dependency on REGMAP for GPIO_REGMAP (git-fixes).\n- pinctrl: fix loop in k210_pinconf_get_drive() (git-fixes).\n- pinctrl: intel: Fix a glitch when updating IRQ flags on a preconfigured line (git-fixes).\n- pinctrl: intel: fix unexpected interrupt (git-fixes).\n- pinctrl: k210: Fix bias-pull-up (git-fixes).\n- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).\n- pinctrl: mediatek: moore: Fix build error (git-fixes).\n- pinctrl: mediatek: mt8195: enable driver on mtk platforms (git-fixes).\n- pinctrl: mediatek: mt8365: fix IES control pins (git-fixes).\n- pinctrl: mediatek: paris: Fix \u0027argument\u0027 argument type for mtk_pinconf_get() (git-fixes).\n- pinctrl: mediatek: paris: Fix PIN_CONFIG_BIAS_* readback (git-fixes).\n- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).\n- pinctrl: mediatek: paris: Skip custom extra pin config dump for virtual GPIOs (git-fixes).\n- pinctrl: microchip-sgpio: lock RMW access (git-fixes).\n- pinctrl: microchip sgpio: use reset driver (git-fixes).\n- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (git-fixes).\n- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).\n- pinctrl: npcm: Fix broken references to chip-\u003eparent_device (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).\n- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).\n- pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl (git-fixes).\n- pinctrl: pistachio: fix use of irq_of_parse_and_map() (git-fixes).\n- pinctrl: renesas: checker: Fix miscalculation of number of states (git-fixes).\n- pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (git-fixes).\n- pinctrl: renesas: r8a77470: Reduce size for narrow VIN1 channel (git-fixes).\n- pinctrl: renesas: r8a779a0: Fix GPIO function on I2C-capable pins (git-fixes).\n- pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() (git-fixes).\n- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).\n- pinctrl: rockchip: fix RK3308 pinmux bits (git-fixes).\n- pinctrl: samsung: drop pin banks references on error paths (git-fixes).\n- pinctrl: samsung: fix missing GPIOLIB on ARM64 Exynos config (git-fixes).\n- pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI (git-fixes).\n- pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested (git-fixes).\n- pinctrl: sunxi: fix f1c100s uart2 function (git-fixes).\n- pinctrl: sunxi: Fix H616 I2S3 pin data (git-fixes).\n- pinctrl: sunxi: Use unique lockdep classes for IRQs (git-fixes).\n- pinctrl: tegra: tegra194: drop unused pin groups (git-fixes).\n- pinctrl: tigerlake: Revert \u0027Add Alder Lake-M ACPI ID\u0027 (git-fixes).\n- ping: fix the sk_bound_dev_if match in ping_lookup (bsc#1195826).\n- ping: remove pr_err from ping_lookup (bsc#1195826).\n- pipe: Fix missing lock in pipe_resize_ring() (git-fixes).\n- platform/chrome: cros_ec_debugfs: detach log reader wq from devm (git-fixes).\n- platform/chrome: cros_ec: fix error handling in cros_ec_register() (git-fixes).\n- platform/chrome: cros_ec_typec: Check for EC device (git-fixes).\n- platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls (git-fixes).\n- platform: finally disallow IRQ0 in platform_get_irq() and its ilk (git-fixes).\n- platform/surface: aggregator: Fix initialization order when compiling as builtin module (git-fixes).\n- platform/surface: surface3-wmi: Simplify resource management (git-fixes).\n- platform/x86: Add Intel Software Defined Silicon driver (jsc#SLE-18938).\n- platform/x86: asus-wmi: Add support for custom fan curves (bsc#1198058).\n- platform/x86: asus-wmi: Delete impossible condition (bsc#1198058).\n- platform/x86: asus-wmi: Fix driver not binding when fan curve control probe fails (git-fixes).\n- platform/x86: asus-wmi: Fix regression when probing for fan curve control (bsc#1198058).\n- platform/x86: asus-wmi: Fix \u0027unsigned \u0027retval\u0027 is never less than zero\u0027 smatch warning (bsc#1198058).\n- platform/x86: asus-wmi: Potential buffer overflow in asus_wmi_evaluate_method_buf() (git-fixes).\n- platform/x86: gigabyte-wmi: Add support for B450M DS3H-CF (git-fixes).\n- platform/x86: gigabyte-wmi: Add Z690M AORUS ELITE AX DDR4 support (git-fixes).\n- platform/x86: huawei-wmi: check the return value of device_create_file() (git-fixes).\n- platform/x86: intel-hid: fix _DSM function index handling (git-fixes).\n- platform/x86/intel/sdsi: Fix bug in multi packet reads (jsc#SLE-18901).\n- platform/x86/intel/sdsi: Handle leaky bucket (jsc#SLE-18901).\n- platform/x86/intel/sdsi: Poll on ready bit for writes (jsc#SLE-18901).\n- platform/x86: panasonic-laptop: de-obfuscate button codes (git-fixes).\n- platform/x86: panasonic-laptop: do not report duplicate brightness key-presses (git-fixes).\n- platform/x86: panasonic-laptop: filter out duplicate volume up/down/mute keypresses (git-fixes).\n- platform/x86: panasonic-laptop: revert \u0027Resolve hotkey double trigger bug\u0027 (git-fixes).\n- platform/x86: panasonic-laptop: sort includes alphabetically (git-fixes).\n- platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative (git-fixes).\n- platform/x86: touchscreen_dmi: Add info for the RWC NANOTE P8 AY07J 2-in-1 (git-fixes).\n- PM: core: keep irq flags in device_pm_check_callbacks() (git-fixes).\n- PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (git-fixes).\n- PM / devfreq: rk3399_dmc: Disable edev on remove() (git-fixes).\n- PM: domains: Fix initialization of genpd\u0027s next_wakeup (git-fixes).\n- PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() (git-fixes).\n- PM: hibernate: fix __setup handler error handling (git-fixes).\n- PM: hibernate: Remove register_nosave_region_late() (git-fixes).\n- PM: s2idle: ACPI: Fix wakeup interrupts handling (git-fixes).\n- PM: suspend: fix return value of __setup handler (git-fixes).\n- PM: wakeup: simplify the output logic of pm_show_wakelocks() (git-fixes).\n- pNFS: Avoid a live lock condition in pnfs_update_layout() (git-fixes).\n- pNFS: Do not keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).\n- powerpc/64: Move paca allocation later in boot (bsc#1190812).\n- powerpc/64s: Add CPU_FTRS_POWER10 to ALWAYS mask (jsc#SLE-13521 git-fixes).\n- powerpc/64s: Add CPU_FTRS_POWER9_DD2_2 to CPU_FTRS_ALWAYS mask (bsc#1061840 git-fixes).\n- powerpc/64s: Do not use DSISR for SLB faults (bsc#1194869).\n- powerpc/64s/radix: Fix huge vmap false positive (bsc#1156395).\n- powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes).\n- powerpc/bpf: Update ldimm64 instructions during extra pass (bsc#1194869).\n- powerpc: Do not select HAVE_IRQ_EXIT_ON_IRQ_STACK (bsc#1194869).\n- powerpc: Enable the DAWR on POWER9 DD2.3 and above (bsc#1055117 ltc#159753).\n- powerpc/fadump: fix PT_LOAD segment for boot memory area (bsc#1103269 ltc#169948 git-fixes).\n- powerpc/fadump: opt out from freeing pages on cma activation failure (bsc#1195099 ltc#196102).\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/idle: Fix return value of __setup() handler (bsc#1065729).\n- powerpc/lib/sstep: Fix \u0027sthcx\u0027 instruction (bsc#1156395).\n- powerpc/mce: Modify the real address error logging messages (jsc#SLE-18194).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).\n- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).\n- powerpc/perf: Fix power10 event alternatives (jsc#SLE-13513 git-fixes).\n- powerpc/perf: Fix power9 event alternatives (bsc#1137728, LTC#178106, git-fixes).\n- powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending (bsc#1156395).\n- powerpc/perf: Fix the threshold compare group constraint for power10 (bsc#1194869).\n- powerpc/perf: Fix the threshold compare group constraint for power9 (bsc#1065729).\n- powerpc/powernv: Add __init attribute to eligible functions (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/powernv: Get L1D flush requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/powernv: Get STF barrier requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes (bsc#1188885 ltc#193722 git-fixes).\n- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).\n- powerpc/pseries: Parse control memory access error (jsc#SLE-18194).\n- powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451).\n- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (bsc#1200343 ltc#198477).\n- powerpc: Set crashkernel offset to mid of RMA region (bsc#1190812).\n- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).\n- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).\n- powerpc/vdso: Fix incorrect CFI in gettimeofday.S (bsc#1199173 ltc#197388).\n- powerpc/vdso: Remove cvdso_call_time macro (bsc#1199173 ltc#197388).\n- powerpc/xive: Add a debugfs file to dump EQs (bsc#1194409 ltc#195810).\n- powerpc/xive: Add some error handling code to \u0027xive_spapr_init()\u0027 (git-fixes).\n- powerpc/xive: Change the debugfs file \u0027xive\u0027 into a directory (bsc#1194409 ltc#195810).\n- powerpc/xive: Export XIVE IPI information for online-only processors (bsc#1194409 ltc#195810).\n- powerpc/xive: Fix refcount leak in xive_spapr_init (git-fixes).\n- powerpc/xive: fix return value of __setup handler (bsc#1065729).\n- powerpc/xive: Introduce an helper to print out interrupt characteristics (bsc#1194409 ltc#195810).\n- powerpc/xive: Introduce xive_core_debugfs_create() (bsc#1194409 ltc#195810).\n- powerpc/xive: Rename the \u0027cpus\u0027 debugfs file to \u0027ipis\u0027 (bsc#1194409 ltc#195810).\n- power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe (git-fixes).\n- power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init (git-fixes).\n- power: supply: axp20x_battery: properly report current when discharging (git-fixes).\n- power: supply: axp288-charger: Set Vhold to 4.4V (git-fixes).\n- power: supply: axp288_fuel_gauge: Drop BIOS version check from \u0027T3 MRD\u0027 DMI quirk (git-fixes).\n- power: supply: axp288_fuel_gauge: Fix battery reporting on the One Mix 1 (git-fixes).\n- power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return (git-fixes).\n- power: supply: sbs-charger: Do not cancel work that is not initialized (git-fixes).\n- power: supply: wm8350-power: Add missing free in free_charger_irq (git-fixes).\n- power: supply: wm8350-power: Handle error for wm8350_register_irq (git-fixes).\n- pps: clients: gpio: Propagate return value from pps_gpio_probe (git-fixes).\n- printk: Add panic_in_progress helper (bsc#1197894).\n- printk: disable optimistic spin during panic (bsc#1197894).\n- proc: bootconfig: Add null pointer check (git-fixes).\n- proc: fix documentation and description of pagemap (git-fixes).\n- procfs: prevent unprivileged processes accessing fdinfo dir (git-fixes).\n- psi: fix \u0027defined but not used\u0027 warnings when (git-fixes)\n- ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE (bsc#1198413).\n- pvpanic: Fix typos in the comments (git-fixes).\n- pwm: lp3943: Fix duty calculation in case period was clamped (git-fixes).\n- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).\n- pwm: raspberrypi-poe: Fix endianness in firmware struct (git-fixes).\n- qed: display VF trust config (git-fixes).\n- qede: confirm skb is allocated before using (git-fixes).\n- qed: fix ethtool register dump (jsc#SLE-19001).\n- qed: return status of qed_iov_get_link (git-fixes).\n- qla2xxx: add -\u003emap_queues support for nvme (bsc#1195823).\n- qlcnic: dcb: default to returning -EOPNOTSUPP (git-fixes).\n- raid5: introduce MD_BROKEN (git-fixes).\n- random: check for signal_pending() outside of need_resched() check (git-fixes).\n- random: wake up /dev/random writers after zap (git-fixes).\n- random: wire up fops-\u003esplice_{read,write}_iter() (git-fixes).\n- ray_cs: Check ioremap return value (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (git-fixes).\n- RDMA/cma: Use correct address when leaving multicast group (git-fixes).\n- RDMA/core: Fix ib_qp_usecnt_dec() called when error (jsc#SLE-19249).\n- RDMA/core: Set MR type in ib_reg_user_mr (git-fixes).\n- RDMA/hfi1: Fix use-after-free bug for mm struct (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/irdma: Fix netdev notifications for vlan\u0027s (git-fixes).\n- RDMA/irdma: Fix Passthrough mode in VM (git-fixes).\n- RDMA/irdma: Fix possible crash due to NULL netdev in notifier (git-fixes).\n- RDMA/irdma: Flush iWARP QP if modified to ERR from RTR state (git-fixes).\n- RDMA/irdma: Prevent some integer underflows (git-fixes).\n- RDMA/irdma: Reduce iWARP QP destroy time (git-fixes).\n- RDMA/irdma: Remove incorrect masking of PD (git-fixes).\n- RDMA/irdma: Set protocol based on PF rdma_mode flag (bsc#1200502).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/mlx5: Add a missing update of cache-\u003elast_add (git-fixes).\n- RDMA/mlx5: Do not remove cache MRs when a delay is needed (git-fixes).\n- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (git-fixes).\n- RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR (git-fixes).\n- RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() (jsc#SLE-19249).\n- RDMA/rtrs-clt: Fix possible double free in error case (git-fixes).\n- RDMA/rtrs-clt: Move free_permit from free_clt to rtrs_clt_close (git-fixes).\n- RDMA/rxe: Change variable and function argument to proper type (jsc#SLE-19249).\n- RDMA/rxe: Check the last packet by RXE_END_MASK (git-fixes).\n- RDMA/rxe: Fix ref error in rxe_av.c (jsc#SLE-19249).\n- RDMA/siw: Fix a condition race issue in MPA request processing (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/siw: Fix refcounting leak in siw_create_qp() (jsc#SLE-19249).\n- RDMA/ucma: Protect mc during concurrent multicast leaves (git-fixes).\n- regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips (git-fixes).\n- regmap-irq: Fix offset/index mismatch in read_sub_irq_data() (git-fixes).\n- regmap-irq: Update interrupt clear register for proper reset (git-fixes).\n- regulator: atc260x: Fix missing active_discharge_on setting (git-fixes).\n- regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET (git-fixes).\n- regulator: core: fix false positive in regulator_late_cleanup() (git-fixes).\n- regulator: da9121: Fix uninit-value in da9121_assign_chip_model() (git-fixes).\n- regulator: mt6315: Enforce regulator-compatible, not name (git-fixes).\n- regulator: mt6315-regulator: fix invalid allowed mode (git-fixes).\n- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (git-fixes).\n- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).\n- regulator: qcom_smd: Fix up PM8950 regulator configuration (git-fixes).\n- regulator: rpi-panel: Handle I2C errors/timing to the Atmel (git-fixes).\n- regulator: scmi: Fix refcount leak in scmi_regulator_probe (git-fixes).\n- regulator: wm8994: Add an off-on delay for WM8994 variant (git-fixes).\n- remoteproc: Fix count check in rproc_coredump_write() (git-fixes).\n- remoteproc: imx_rproc: Ignore create mem entry for resource table (git-fixes).\n- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).\n- remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (git-fixes).\n- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).\n- reset: tegra-bpmp: Restore Handle errors in BPMP response (git-fixes).\n- Revert \u0027drm/amd/display: Fix DCN3 B0 DP Alt Mapping\u0027 (git-fixes).\n- Revert \u0027svm: Add warning message for AVIC IPI invalid target\u0027 (git-fixes).\n- rfkill: make new event layout opt-in (git-fixes).\n- rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (git-fixes).\n- riscv: Fix fill_callchain return value (git fixes).\n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (git-fixes).\n- rpmsg: qcom_smd: Fix redundant channel-\u003eregistered assignment (git-fixes).\n- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (git-fixes).\n- rpmsg: virtio: Fix possible double free in rpmsg_probe() (git-fixes).\n- rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev() (git-fixes).\n- rpmsg: virtio: Fix the unregistration of the device rpmsg_ctrl (git-fixes).\n- rtc: check if __rtc_read_time was successful (git-fixes).\n- rtc: fix use-after-free on device removal (git-fixes).\n- rtc: ftrtc010: Fix error handling in ftrtc010_rtc_probe (git-fixes).\n- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (git-fixes).\n- rtc: mc146818-lib: fix locking in mc146818_set_time (git-fixes).\n- rtc: mc146818-lib: Fix the AltCentury for AMD platforms (git-fixes).\n- rtc: mt6397: check return value after calling platform_get_resource() (git-fixes).\n- rtc: mxc: Silence a clang warning (git-fixes).\n- rtc: pcf2127: fix bug when reading alarm registers (git-fixes).\n- rtc: pl031: fix rtc features null pointer dereference (git-fixes).\n- rtc: sun6i: Fix time overflow handling (git-fixes).\n- rtc: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- rtl818x: Prevent using not initialized queues (git-fixes).\n- rtlwifi: Use pr_warn instead of WARN_ONCE (git-fixes).\n- rtw88: 8821c: fix debugfs rssi value (git-fixes).\n- rtw88: 8821c: support RFE type4 wifi NIC (git-fixes).\n- rtw88: Disable PCIe ASPM while doing NAPI poll on 8821CE (git-fixes).\n- rtw88: rtw8821c: enable rfe 6 devices (git-fixes).\n- s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).\n- s390/ctcm: fix potential memory leak (git-fixes).\n- s390/ctcm: fix variable dereferenced before check (git-fixes).\n- s390-dasd-fix-data-corruption-for-ESE-devices (bsc#1200205 LTC#198456).\n- s390/dasd: fix data corruption for ESE devices (git-fixes).\n- s390-dasd-Fix-read-for-ESE-with-blksize-4k (bsc#1200211 LTC#198457).\n- s390/dasd: Fix read for ESE with blksize 4k (git-fixes).\n- s390-dasd-Fix-read-inconsistency-for-ESE-DASD-devices (bsc#1200211 LTC#198457).\n- s390/dasd: Fix read inconsistency for ESE DASD devices (git-fixes).\n- s390-dasd-prevent-double-format-of-tracks-for-ESE-devices (bsc#1200205 LTC#198456).\n- s390/dasd: prevent double format of tracks for ESE devices (git-fixes).\n- s390/entry: fix duplicate tracking of irq nesting level (git-fixes).\n- s390/extable: fix exception table sorting (git-fixes).\n- s390/kexec_file: fix error handling when applying relocations (git-fixes).\n- s390/kexec: fix memory leak of ipl report buffer (git-fixes).\n- s390/kexec: fix return code handling (git-fixes).\n- s390/lcs: fix variable dereferenced before check (git-fixes).\n- s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST flag (git-fixes).\n- s390/module: fix loading modules with a lot of relocations (git-fixes).\n- s390/nmi: handle guarded storage validity failures for KVM guests (git-fixes).\n- s390/nmi: handle vector validity failures for KVM guests (git-fixes).\n- s390/perf: obtain sie_block from the right address (bsc#1200315 LTC#198473).\n- s390/setup: avoid reserving memory above identity mapping (git-fixes).\n- s390/smp: sort out physical vs virtual pointers usage (git-fixes).\n- sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (git-fixes).\n- sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl (git-fixes).\n- sc16is7xx: Fix for incorrect data being transmitted (git-fixes).\n- sched/core: Export pelt_thermal_tp (git-fixes)\n- sched/core: Fix forceidle balancing (git-fixes)\n- sched/core: Mitigate race (git-fixes)\n- sched/cpuacct: Fix charge percpu cpuusage (git-fixes)\n- sched/cpuacct: Fix user/system in shown cpuacct.usage* (git-fixes)\n- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)\n- sched: Define and initialize a flag to identify valid PASID in the task (jsc#SLE-24350).\n- sched/fair: Consider CPU affinity when allowing NUMA imbalance in find_idlest_group() (bnc#1193431).\n- sched/fair: Fix fault in reweight_entity (git fixes (sched/core)).\n- sched/fair: Revise comment about lb decision matrix (git-fixes)\n- sched: Fix balance_push() vs __sched_setscheduler() (git-fixes)\n- sched: Fix yet more sched_fork() races (git fixes (sched/core)).\n- sched/membarrier: Fix membarrier-rseq fence command missing (git-fixes)\n- sched/numa: Adjust imb_numa_nr to a better approximation of memory channels (bnc#1193431).\n- sched/numa: Apply imbalance limitations consistently (bnc#1193431).\n- sched/numa: Do not swap tasks between nodes when spare capacity is available (bnc#1193431).\n- sched/numa: Initialise numa_migrate_retry (bnc#1193431).\n- sched/pasid: Add a kABI workaround (jsc#SLE-24350).\n- sched/pelt: Fix attach_entity_load_avg() corner case (git-fixes)\n- sched/pelt: Relax the sync of util_sum with util_avg (git-fixes)\n- sched/psi: report zeroes for CPU full at the system level (git-fixes)\n- sched/rt: Plug rt_mutex_setprio() vs push_rt_task() race (git-fixes)\n- sched/rt: Try to restart rt period timer when rt runtime (git-fixes)\n- sched/scs: Reset task stack state in bringup_cpu() (git-fixes)\n- sched/sugov: Ignore busy filter when rq is capped by (git-fixes)\n- sched: Teach the forced-newidle balancer about CPU affinity (git-fixes)\n- scripts/faddr2line: Fix overlapping text section failures (git-fixes).\n- scsi: block: pm: Always set request queue runtime active in blk_post_runtime_resume() (bsc#1198802).\n- scsi: block: PM fix blk_post_runtime_resume() args (bsc#1198802).\n- scsi: core: Query VPD size before getting full page (git-fixes).\n- scsi: dc395x: Fix a missing check on list iterator (git-fixes).\n- scsi: elx: efct: Do not use GFP_KERNEL under spin lock (git-fixes).\n- scsi: fnic: Fix a tracing statement (git-fixes).\n- scsi: fnic: Replace DMA mask of 64 bits with 47 bits (bsc#1199631).\n- scsi: hisi_sas: Add more logs for runtime suspend/resume (bsc#1198802).\n- scsi: hisi_sas: Change permission of parameter prot_mask (git-fixes).\n- scsi: hisi_sas: Fix rescan after deleting a disk (git-fixes).\n- scsi: hisi_sas: Fix some issues related to asd_sas_port-phy_list (bsc#1198802).\n- scsi: hisi_sas: Increase debugfs_dump_index after dump is completed (bsc#1198806).\n- scsi: hisi_sas: Initialise devices in .slave_alloc callback (bsc#1198802).\n- scsi: hisi_sas: Limit users changing debugfs BIST count value (bsc#1198803).\n- scsi: hisi_sas: Remove unused variable and check in hisi_sas_send_ata_reset_each_phy() (git-fixes).\n- scsi: hisi_sas: Wait for phyup in hisi_sas_control_phy() (bsc#1198802).\n- scsi: ibmvfc: Allocate/free queue resource only during probe/remove (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: ibmvfc: Store vhost pointer during subcrq allocation (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: libsas: Add flag SAS_HA_RESUMING (bsc#1198802).\n- scsi: libsas: Add spin_lock/unlock() to protect asd_sas_port-\u003ephy_list (bsc#1198802).\n- scsi: libsas: Defer works of new phys during suspend (bsc#1198802).\n- scsi: libsas: Do not always drain event workqueue for HA resume (bsc#1198802).\n- scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands (git-fixes).\n- scsi: libsas: Insert PORTE_BROADCAST_RCVD event for resuming host (bsc#1198802).\n- scsi: libsas: Keep host active while processing events (bsc#1198802).\n- scsi: libsas: Refactor sas_queue_deferred_work() (bsc#1198802).\n- scsi: libsas: Resume host while sending SMP I/Os (bsc#1198802).\n- scsi: lpfc: Add more logging of cmd and cqe information for aborted NVMe cmds (bsc#1201193).\n- scsi: lpfc: Address NULL pointer dereference after starget_to_rport() (bsc#1201193).\n- scsi: lpfc: Add support for ATTO Fibre Channel devices (bsc#1201193).\n- scsi: lpfc: Add support for VMID tagging of NVMe I/Os (bsc#1201193).\n- scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion (bsc#1201193).\n- scsi: lpfc: Alter FPIN stat accounting logic (bsc#1200045).\n- scsi: lpfc: Change FA-PWWN detection methodology (bsc#1200045).\n- scsi: lpfc: Change VMID registration to be based on fabric parameters (bsc#1200045).\n- scsi: lpfc: Clear fabric topology flag before initiating a new FLOGI (bsc#1200045).\n- scsi: lpfc: Commonize VMID code location (bsc#1201193).\n- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).\n- scsi: lpfc: Copyright updates for 14.2.0.2 patches (bsc#1200045).\n- scsi: lpfc: Correct BDE DMA address assignment for GEN_REQ_WQE (bsc#1200045).\n- scsi: lpfc: Correct BDE type for XMIT_SEQ64_WQE in lpfc_ct_reject_event() (bsc#1201193).\n- scsi: lpfc: Correct CRC32 calculation for congestion stats (bsc#1200045).\n- scsi: lpfc: Decrement outstanding gidft_inp counter if lpfc_err_lost_link() (bsc#1200045).\n- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).\n- scsi: lpfc: Expand setting ELS_ID field in ELS_REQUEST64_WQE (bsc#1200045).\n- scsi: lpfc: Fill in missing ndlp kref puts in error paths (bsc#1200045).\n- scsi: lpfc: Fix additional reference counting in lpfc_bsg_rport_els() (bsc#1200045).\n- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).\n- scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1200045).\n- scsi: lpfc: Fix diagnostic fw logging after a function reset (bsc#1200045).\n- scsi: lpfc: Fix dmabuf ptr assignment in lpfc_ct_reject_event() (bsc#1200045).\n- scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4() (bsc#1200045).\n- scsi: lpfc: Fix field overload in lpfc_iocbq data structure (bsc#1200045).\n- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).\n- scsi: lpfc: Fix ndlp put following a LOGO completion (bsc#1200045).\n- scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1200045).\n- scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (bsc#1201193).\n- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1200045).\n- scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1200045).\n- scsi: lpfc: Fix split code for FLOGI on FCoE (bsc#1200045).\n- scsi: lpfc: Fix typos in comments (bsc#1197675).\n- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1200045).\n- scsi: lpfc: Introduce FC_RSCN_MEMENTO flag for tracking post RSCN completion (bsc#1200045).\n- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).\n- scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1200045).\n- scsi: lpfc: Move MI module parameter check to handle dynamic disable (bsc#1200045).\n- scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1200045).\n- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).\n- scsi: lpfc: Refactor cleanup of mailbox commands (bsc#1200045).\n- scsi: lpfc: Register for Application Services FC-4 type in Fabric topology (bsc#1200045).\n- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).\n- scsi: lpfc: Remove false FDMI NVMe FC-4 support for NPIV ports (bsc#1200045).\n- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).\n- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).\n- scsi: lpfc: Remove redundant lpfc_sli_prep_wqe() call (bsc#1200045).\n- scsi: lpfc: Remove unnecessary null ndlp check in lpfc_sli_prep_wqe() (bsc#1200045).\n- scsi: lpfc: Remove unnecessary NULL pointer assignment for ELS_RDF path (bsc#1200045).\n- scsi: lpfc: Remove unneeded variable (bsc#1200045).\n- scsi: lpfc: Requeue SCSI I/O to upper layer when fw reports link down (bsc#1200045).\n- scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1201193).\n- scsi: lpfc: Resolve some cleanup issues following abort path refactoring (bsc#1201193).\n- scsi: lpfc: Resolve some cleanup issues following SLI path refactoring (bsc#1201193).\n- scsi: lpfc: Revise FDMI reporting of supported port speed for trunk groups (bsc#1200045).\n- scsi: lpfc: Rework FDMI initialization after link up (bsc#1200045).\n- scsi: lpfc: Rework lpfc_vmid_get_appid() to be protocol independent (bsc#1201193).\n- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).\n- scsi: lpfc: Transition to NPR state upon LOGO cmpl if link down or aborted (bsc#1200045).\n- scsi: lpfc: Tweak message log categories for ELS/FDMI/NVMe rescan (bsc#1200045).\n- scsi: lpfc: Update fc_prli_sent outstanding only after guaranteed IOCB submit (bsc#1200045).\n- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.2 (bsc#1200045).\n- scsi: lpfc: Update lpfc version to 14.2.0.3 (bsc#1200045).\n- scsi: lpfc: Update lpfc version to 14.2.0.4 (bsc#1201193).\n- scsi: lpfc: Update stat accounting for READ_STATUS mbox command (bsc#1200045).\n- scsi: lpfc: Use fc_block_rport() (bsc#1197675).\n- scsi: lpfc: Use irq_set_affinity() (bsc#1197675).\n- scsi: lpfc: Use kcalloc() (bsc#1197675).\n- scsi: lpfc: Use list_for_each_entry_safe() in rscn_recovery_check() (bsc#1200045).\n- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).\n- scsi: lpfc: Use sg_dma_address() and sg_dma_len() macros for NVMe I/O (bsc#1200045).\n- scsi: lpfc: Zero SLI4 fcp_cmnd buffer\u0027s fcpCntl0 field (bsc#1200045).\n- scsi: mpt3sas: Fix incorrect 4GB boundary check (git-fixes).\n- scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() (git-fixes).\n- scsi: mpt3sas: Page fault in reply q processing (git-fixes).\n- scsi: mpt3sas: Use cached ATA Information VPD page (git-fixes).\n- scsi: mvsas: Add spin_lock/unlock() to protect asd_sas_port-\u003ephy_list (bsc#1198802).\n- scsi: nvme-fc: Add new routine nvme_fc_io_getuuid() (bsc#1201193).\n- scsi: pm8001: Fix abort all task initialization (git-fixes).\n- scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() (git-fixes).\n- scsi: pm8001: Fix command initialization in pm80XX_send_read_log() (git-fixes).\n- scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req() (git-fixes).\n- scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req() (git-fixes).\n- scsi: pm8001: Fix le32 values handling in pm80xx_set_sas_protocol_timer_config() (git-fixes).\n- scsi: pm8001: Fix NCQ NON DATA command completion handling (git-fixes).\n- scsi: pm8001: Fix NCQ NON DATA command task initialization (git-fixes).\n- scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update() (git-fixes).\n- scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() (git-fixes).\n- scsi: pm80xx: Enable upper inbound, outbound queues (git-fixes).\n- scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63 (git-fixes).\n- scsi: qedi: Fix ABBA deadlock in qedi_process_tmf_resp() and qedi_process_cmd_cleanup_resp() (git-fixes).\n- scsi: qla2xxx: Add a new v2 dport diagnostic feature (bsc#1201160).\n- scsi: qla2xxx: Add debug prints in the device remove path (bsc#1201160).\n- scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).\n- scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823).\n- scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).\n- scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).\n- scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).\n- scsi: qla2xxx: edif: Add bsg interface to read doorbell events (bsc#1201160).\n- scsi: qla2xxx: edif: Add retry for ELS passthrough (bsc#1201160).\n- scsi: qla2xxx: edif: bsg refactor (bsc#1201160).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).\n- scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).\n- scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription (bsc#1201160).\n- scsi: qla2xxx: edif: Fix n2n discovery issue with secure target (bsc#1201160).\n- scsi: qla2xxx: edif: Fix n2n login retry for secure device (bsc#1201160).\n- scsi: qla2xxx: edif: Fix no login after app start (bsc#1201160).\n- scsi: qla2xxx: edif: Fix no logout on delete for N2N (bsc#1201160).\n- scsi: qla2xxx: edif: Fix potential stuck session in sa update (bsc#1201160).\n- scsi: qla2xxx: edif: Fix session thrash (bsc#1201160).\n- scsi: qla2xxx: edif: Fix slow session teardown (bsc#1201160).\n- scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).\n- scsi: qla2xxx: edif: Reduce disruption due to multiple app start (bsc#1201160).\n- scsi: qla2xxx: edif: Reduce Initiator-Initiator thrashing (bsc#1201160).\n- scsi: qla2xxx: edif: Reduce N2N thrashing at app_start time (bsc#1201160).\n- scsi: qla2xxx: edif: Remove old doorbell interface (bsc#1201160).\n- scsi: qla2xxx: edif: Remove unneeded variable (bsc#1200046).\n- scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823).\n- scsi: qla2xxx: edif: Send LOGO for unexpected IKE message (bsc#1201160).\n- scsi: qla2xxx: edif: Synchronize NPIV deletion with authentication application (bsc#1201160).\n- scsi: qla2xxx: edif: Tear down session if keys have been removed (bsc#1201160).\n- scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).\n- scsi: qla2xxx: edif: Wait for app to ack on sess down (bsc#1201160).\n- scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts (bsc#1201160).\n- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).\n- scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).\n- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).\n- scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection (bsc#1201160).\n- scsi: qla2xxx: Fix excessive I/O error messages by default (bsc#1201160).\n- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).\n- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).\n- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).\n- scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests (bsc#1201160).\n- scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os (bsc#1201160).\n- scsi: qla2xxx: Fix losing target when it reappears during delete (bsc#1201160).\n- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).\n- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (bsc#1200046).\n- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).\n- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).\n- scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).\n- scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).\n- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).\n- scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823).\n- scsi: qla2xxx: Fix typos in comments (bsc#1197661).\n- scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).\n- scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823).\n- scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).\n- scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).\n- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).\n- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).\n- scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823).\n- scsi: qla2xxx: Remove a declaration (bsc#1195823).\n- scsi: qla2xxx: Remove free_sg command flag (bsc#1200046).\n- scsi: qla2xxx: Remove setting of \u0027req\u0027 and \u0027rsp\u0027 parameters (bsc#1201160).\n- scsi: qla2xxx: Remove unneeded flush_workqueue() (bsc#1200046).\n- scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823).\n- scsi: qla2xxx: Remove unused \u0027ql_dm_tgt_ex_pct\u0027 parameter (bsc#1201160).\n- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823).\n- scsi: qla2xxx: Turn off multi-queue for 8G adapters (bsc#1201160).\n- scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).\n- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).\n- scsi: qla2xxx: Update version to 10.02.07.500-k (bsc#1201160).\n- scsi: qla2xxx: Update version to 10.02.07.600-k (bsc#1201160).\n- scsi: qla2xxx: Update version to 10.02.07.700-k (bsc#1201160).\n- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).\n- scsi: qla2xxx: Wind down adapter after PCIe error (bsc#1201160).\n- scsi: scsi_transport_fc: Fix FPIN Link Integrity statistics counters (git-fixes).\n- scsi: sr: Do not leak information in ioctl (git-fixes).\n- scsi: ufs: core: Exclude UECxx from SFR dump list (git-fixes).\n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (git-fixes).\n- scsi: ufs: qcom: Fix ufs_qcom_resume() (git-fixes).\n- scsi: virtio-scsi: Eliminate anonymous module_init and module_exit (git-fixes).\n- scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() (git-fixes).\n- selftest: KVM: Add open sev dev helper (bsc#1194526).\n- selftests/bpf: Remove unused variable in tc_tunnel prog (git-fixes).\n- selftests: firmware: Fix the request_firmware_into_buf() test for XZ format (git-fixes).\n- selftests: firmware: Use smaller dictionary for XZ compression (git-fixes).\n- selftests: fix check for circular KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM (bsc#1194526).\n- selftests: KVM: Add /x86_64/sev_migrate_tests to .gitignore (bsc#1194526).\n- selftests: KVM: Fix check for !POLLIN in demand_paging_test (bsc#1194526).\n- selftests: kvm: Remove absent target file (git-fixes).\n- selftests: KVM: sev_migrate_tests: Fix sev_ioctl() (bsc#1194526).\n- selftests: kvm/x86: Fix the warning in lib/x86_64/processor.c (bsc#1194526).\n- selftests/powerpc: Add test for real address error handling (jsc#SLE-18194).\n- serial: 8250: Also set sticky MCR bits in console restoration (git-fixes).\n- serial: 8250_aspeed_vuart: add PORT_ASPEED_VUART port type (git-fixes).\n- serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe (git-fixes).\n- serial: 8250: core: Remove unneeded linux/pm_runtime.h (git-fixes).\n- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device (git-fixes).\n- serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (git-fixes).\n- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).\n- serial: 8250: fix XOFF/XON sending when DMA is used (git-fixes).\n- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mtk: Fix register address for XON/XOFF character (git-fixes).\n- serial: 8250_mtk: Fix UART_EFR register address (git-fixes).\n- serial: 8250: pxa: Remove unneeded linux/pm_runtime.h (git-fixes).\n- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).\n- serial: cpm_uart: Fix build error without CONFIG_SERIAL_CPM_CONSOLE (git-fixes).\n- serial: digicolor-usart: Do not allow CS5-6 (git-fixes).\n- serial: imx: fix overrun interrupts in DMA mode (git-fixes).\n- serial: meson: acquire port-\u003elock in startup() (git-fixes).\n- serial: msm_serial: disable interrupts in __msm_console_write() (git-fixes).\n- serial: pch: do not overwrite xmit-\u003ebuf[0] by x_char (git-fixes).\n- serial: rda-uart: Do not allow CS5-6 (git-fixes).\n- serial: samsung_tty: do not unlock port-\u003elock for uart_write_wakeup() (git-fixes).\n- serial: sh-sci: Do not allow CS5-6 (git-fixes).\n- serial: sifive: Report actual baud base rather than fixed 115200 (git-fixes).\n- serial: sifive: Sanitize CSIZE and c_iflag (git-fixes).\n- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (git-fixes).\n- serial: stm32-usart: Correct CSIZE, bits, and parity (git-fixes).\n- serial: txx9: Do not allow CS5-6 (git-fixes).\n- sfc: Do not free an empty page_ring (git-fixes).\n- sfc: fallback for lack of xdp tx queues (bsc#1196306).\n- sfc: last resort fallback for lack of xdp tx queues (bsc#1196306).\n- sfc: Use swap() instead of open coding it (bsc#1196306).\n- sfc: use swap() to make code cleaner (bsc#1196306).\n- skbuff: fix coalescing for page_pool fragment recycling (bsc#1190336).\n- slimbus: qcom: Fix IRQ check in qcom_slim_probe (git-fixes).\n- slip: fix macro redefine warning (git-fixes).\n- smb3: add mount parm nosparse (bsc#1193629).\n- smb3: add trace point for lease not found issue (bsc#1193629).\n- smb3: add trace point for oplock not found (bsc#1193629).\n- smb3: check for null tcon (bsc#1193629).\n- smb3: cleanup and clarify status of tree connections (bsc#1193629).\n- smb3: do not set rc when used and unneeded in query_info_compound (bsc#1193629).\n- SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op (bsc#1193629).\n- smb3: fix incorrect session setup check for multiuser mounts (bsc#1193629).\n- smb3: fix ksmbd bigendian bug in oplock break, and move its struct to smbfs_common (bsc#1193629).\n- smb3: fix snapshot mount option (bsc#1193629).\n- [smb3] improve error message when mount options conflict with posix (bsc#1193629).\n- smb3: move defines for ioctl protocol header and SMB2 sizes to smbfs_common (bsc#1193629).\n- smb3: move defines for query info and query fsinfo to smbfs_common (bsc#1193629).\n- [smb3] move more common protocol header definitions to smbfs_common (bsc#1193629).\n- smb3: send NTLMSSP version information (bsc#1193629).\n- smp: Fix offline cpu check in flush_smp_call_function_queue() (git-fixes).\n- smsc911x: allow using IRQ0 (git-fixes).\n- soc: aspeed: lpc-ctrl: Block error printing on probe defer cases (git-fixes).\n- soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe (git-fixes).\n- soc: bcm: Check for NULL return of devm_kzalloc() (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: guts: Add a missing memory allocation failure check (git-fixes).\n- soc: fsl: guts: Revert commit 3c0d64e867ed (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- soc: mediatek: pm-domains: Add wakeup capacity support in power domain (git-fixes).\n- soc: qcom: aoss: Expose send for generic usecase (git-fixes).\n- soc: qcom: aoss: Fix missing put_device call in qmp_get (git-fixes).\n- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).\n- soc: qcom: llcc: Add MODULE_DEVICE_TABLE() (git-fixes).\n- soc: qcom: ocmem: Fix missing put_device() call in of_get_ocmem (git-fixes).\n- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).\n- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (git-fixes).\n- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (git-fixes).\n- soc: rockchip: Fix refcount leak in rockchip_grf_init (git-fixes).\n- soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc (git-fixes).\n- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).\n- sound/oss/dmasound: fix build when drivers are mixed =y/=m (git-fixes).\n- sound/oss/dmasound: fix \u0027dmasound_setup\u0027 defined but not used (git-fixes).\n- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).\n- soundwire: intel: prevent pm_runtime resume prior to system suspend (git-fixes).\n- soundwire: qcom: adjust autoenumeration timeout (git-fixes).\n- speakup-dectlk: Restore pitch setting (git-fixes).\n- spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller (git-fixes).\n- spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op() (git-fixes).\n- spi: cadence-quadspi: fix incorrect supports_op() return value (git-fixes).\n- spi: cadence-quadspi: fix protocol setup for non-1-1-X operations (git-fixes).\n- spi: core: add dma_map_dev for __spi_unmap_msg() (git-fixes).\n- spi: Fix erroneous sgs value with min_t() (git-fixes).\n- spi: Fix invalid sgs value (git-fixes).\n- spi: Fix Tegra QSPI example (git-fixes).\n- spi: img-spfi: Fix pm_runtime_get_sync() error checking (git-fixes).\n- spi: mxic: Fix the transmit path (git-fixes).\n- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).\n- spi: qcom-qspi: Add minItems to interconnect-names (git-fixes).\n- spi: rockchip: Fix error in getting num-cs property (git-fixes).\n- spi: rockchip: fix missing error on unsupported SPI_CS_HIGH (git-fixes).\n- spi: rockchip: Preset cs-high and clk polarity in setup progress (git-fixes).\n- spi: rockchip: Stop spi slave dma receiver when cs inactive (git-fixes).\n- spi: rockchip: terminate dma transmission when slave abort (git-fixes).\n- spi: spi-cadence: Fix kernel-doc format for resume/suspend (git-fixes).\n- spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() (git-fixes).\n- spi: spi-mtk-nor: initialize spi controller after resume (git-fixes).\n- spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction (git-fixes).\n- spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (git-fixes).\n- spi: spi-zynqmp-gqspi: Handle error for dma_set_mask (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- spi: stm32-qspi: Fix wait_cmd timeout in APM mode (git-fixes).\n- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).\n- spi: tegra20: Use of_device_get_match_data() (git-fixes).\n- spi: tegra210-quad: Fix missin IRQ check in tegra_qspi_probe (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- staging: fbtft: fb_st7789v: reset display before initialization (git-fixes).\n- staging: fbtft: Fix error path in fbtft_driver_module_init() (git-fixes).\n- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (git-fixes).\n- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).\n- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).\n- staging: most: dim2: force fcnt=3 on Renesas GEN3 (git-fixes).\n- staging: most: dim2: use device release method (git-fixes).\n- staging: most: dim2: use if statements instead of ?: expressions (git-fixes).\n- staging: mt7621-dts: fix formatting (git-fixes).\n- staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree (git-fixes).\n- staging: mt7621-dts: fix pinctrl-0 items to be size-1 items on ethernet (git-fixes).\n- staging: mt7621-dts: fix pinctrl properties for ethernet (git-fixes).\n- staging: rtl8712: fix a potential memory leak in r871xu_drv_init() (git-fixes).\n- staging: rtl8712: fix uninit-value in r871xu_drv_init() (git-fixes).\n- staging: rtl8712: fix uninit-value in usb_read8() and friends (git-fixes).\n- staging: rtl8723bs: Fix access-point mode deadlock (git-fixes).\n- staging: vc04_services: shut up out-of-range warning (git-fixes).\n- staging: vchiq_arm: Avoid NULL ptr deref in vchiq_dump_platform_instances (git-fixes).\n- staging: vchiq_core: handle NULL result of find_service_by_handle (git-fixes).\n- staging: vchiq: Move certain declarations to vchiq_arm.h (git-fixes).\n- staging: vchiq: Move vchiq char driver to its own file (git-fixes).\n- staging: vchiq: Refactor vchiq cdev code (git-fixes).\n- staging: wfx: fix an error handling in wfx_init_common() (git-fixes).\n- stddef: Introduce DECLARE_FLEX_ARRAY() helper (git-fixes).\n- stm: ltdc: fix two incorrect NULL checks on list iterator (bsc#1190786)\n- SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).\n- SUNRPC: Do not dereference non-socket transports in sysfs (git-fixes).\n- SUNRPC: Do not dereference non-socket transports in sysfs - kabi fix (git-fixes).\n- SUNRPC do not resend a task on an offlined transport (git-fixes).\n- SUNRPC: Ensure gss-proxy connects on setup (git-fixes).\n- SUNRPC: Ensure that the gssproxy client can start in a connected state (git-fixes).\n- SUNRPC: Fix the calculation of xdr-\u003eend in xdr_get_next_encode_buffer() (git-fixes).\n- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).\n- SUNRPC: Handle ENOMEM in call_transmit_status() (git-fixes).\n- SUNRPC: Handle low memory situations in call_status() (git-fixes).\n- SUNRPC release the transport of a relocated task with an assigned transport (git-fixes).\n- SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec() (git-fixes).\n- SUNRPC: Trap RDMA segment overflows (git-fixes).\n- SUNRPC: use different lock keys for INET6 and LOCAL (git-fixes).\n- supported.conf: add intel_sdsi\n- supported.conf: mark pfuze100 regulator as supported (bsc#1199909)\n- supported.conf: Support TPM TIS SPI driver (jsc#SLE-24093)\n- surface: surface3_power: Fix battery readings on batteries without a serial number (git-fixes).\n- swiotlb: max mapping size takes min align mask into account (bsc#1197303).\n- sysrq: do not omit current cpu when showing backtrace of all active CPUs (git-fixes).\n- thermal/core: Fix memory leak in __thermal_cooling_device_register() (git-fixes).\n- thermal: core: Fix TZ_GET_TRIP NULL pointer dereference (git-fixes).\n- thermal: devfreq_cooling: use local ops instead of global ops (git-fixes).\n- thermal/drivers/bcm2711: Do not clamp temperature at zero (git-fixes).\n- thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe (git-fixes).\n- thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe (git-fixes).\n- thermal/drivers/int340x: Improve the tcc offset saving for suspend/resume (git-fixes).\n- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).\n- thermal: int340x: Fix attr.show callback prototype (git-fixes).\n- thermal: int340x: fix memory leak in int3400_notify() (git-fixes).\n- thermal: int340x: Increase bitmap size (git-fixes).\n- thunderbolt: Use different lane for second DisplayPort tunnel (git-fixes).\n- tick/nohz: unexport __init-annotated tick_nohz_full_setup() (bsc#1201218).\n- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (bsc#1190786)\n- timekeeping: Mark NMI safe time accessors as notrace (git-fixes)\n- timers: Fix warning condition in __run_timers() (git-fixes)\n- TOMOYO: fix __setup handlers return values (git-fixes).\n- tools arch x86: Add Intel SDSi provisiong tool (jsc#SLE-18938).\n- tools: bpftool: Complete metrics list in \u0027bpftool prog profile\u0027 doc (git-fixes).\n- tools: bpftool: Document and add bash completion for -L, -B options (git-fixes).\n- tools: bpftool: Update and synchronise option list in doc and help msg (git-fixes).\n- tpm: Fix buffer access in tpm2_get_tpm_pt() (git-fixes).\n- tpm: Fix error handling in async work (git-fixes).\n- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (bsc#1065729).\n- tpm: use try_get_ops() in tpm-space.c (git-fixes).\n- tps6598x: clear int mask on probe failure (git-fixes).\n- tracing: Do not inc err_log entry count if entry allocation fails (git-fixes).\n- tracing: Dump stacktrace trigger to the corresponding instance (git-fixes).\n- tracing: Fix potential double free in create_var_ref() (git-fixes).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tracing: Fix return value of trace_pid_write() (git-fixes).\n- tracing: Fix smatch warning for null glob in event_hist_trigger_parse() (git-fixes).\n- tracing: Have trace event string test handle zero length strings (git-fixes).\n- tracing: Have traceon and traceoff trigger honor the instance (git-fixes).\n- tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).\n- tracing/histogram: Fix sorting on old \u0027cpu\u0027 value (git-fixes).\n- tracing/osnoise: Force quiescent states while tracing (git-fixes).\n- tracing: Propagate is_signed to expression (git-fixes).\n- tracing: Show kretprobe unknown indicator only for kretprobe_trampoline (bsc#1193277).\n- tty: Fix a possible resource leak in icom_probe (git-fixes).\n- tty: fix deadlock caused by calling printk() under tty_port-\u003elock (git-fixes).\n- tty: goldfish: Fix free_irq() on remove (git-fixes).\n- tty: goldfish: Introduce gf_ioread32()/gf_iowrite32() (git-fixes).\n- tty: goldfish: Use tty_port_destroy() to destroy port (git-fixes).\n- tty: n_gsm: Debug output allocation must use GFP_ATOMIC (git-fixes).\n- tty: n_gsm: Do not ignore write return value in gsmld_output() (git-fixes).\n- tty: n_gsm: fix deadlock in gsmtty_open() (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix NULL pointer access due to DLCI release (git-fixes).\n- tty: n_gsm: Fix packet data hex dump output (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- tty: n_gsm: fix wrong modem processing in convergence layer type 2 (git-fixes).\n- tty: n_gsm: fix wrong tty control line for flow control (git-fixes).\n- tty: n_tty: do not look ahead for EOL character past the end of the buffer (git-fixes).\n- tty: n_tty: Restore EOF push handling behavior (git-fixes).\n- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (git-fixes).\n- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (git-fixes).\n- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (git-fixes).\n- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (git-fixes).\n- u64_stats: Disable preemption on 32bit UP+SMP PREEMPT_RT during updates (bsc#1189998).\n- uapi/linux/stddef.h: Add include guards (jsc#SLE-18978).\n- ucounts: Enforce RLIMIT_NPROC not RLIMIT_NPROC+1 (bsc#1194191).\n- udmabuf: validate ubuf-\u003epagecount (git-fixes).\n- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).\n- usb: cdc-wdm: fix reading stuck on device close (git-fixes).\n- usb: cdns3: Fix issue for clear halt endpoint (git-fixes).\n- usb: cdnsp: fix cdnsp_decode_trb function to properly handle ret value (git-fixes).\n- usb: cdnsp: Fixed setting last_trb incorrectly (git-fixes).\n- usb: chipidea: udc: check request status before setting device address (git-fixes).\n- usb: core: Do not hold the device lock while sleeping in do_proc_control() (git-fixes).\n- usb: core: hcd: Add support for deferring roothub registration (git-fixes).\n- usb: dwc2: drd: fix soft connect when gadget is unconfigured (git-fixes).\n- usb: dwc2: Fix memory leak in dwc2_hcd_init (git-fixes).\n- usb: dwc2: gadget: do not reset gadget\u0027s driver-\u003ebus (git-fixes).\n- usb: dwc2: gadget: do not try to disable ep0 in dwc2_hsotg_suspend (git-fixes).\n- usb: dwc3: core: Fix tx/rx threshold settings (git-fixes).\n- usb: dwc3: core: Only handle soft-reset in DCTL (git-fixes).\n- usb: dwc3: Decouple USB 2.0 L1 \u0026 L2 events (git-fixes).\n- usb: dwc3: gadget: Change to dev_dbg() when queuing to inactive gadget/ep (git-fixes).\n- usb: dwc3: gadget: ep_queue simplify isoc start condition (git-fixes).\n- usb: dwc3: gadget: Fix IN endpoint max packet size allocation (git-fixes).\n- usb: dwc3: gadget: Give some time to schedule isoc (git-fixes).\n- usb: dwc3: gadget: Ignore Update Transfer cmd params (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: gadget: move cmd_endtransfer to extra function (git-fixes).\n- usb: dwc3: gadget: Move null pinter check to proper place (git-fixes).\n- usb: dwc3: gadget: Prevent core from processing stale TRBs (git-fixes).\n- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).\n- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (git-fixes).\n- usb: dwc3: gadget: Return proper request status (git-fixes).\n- usb: dwc3: gadget: Skip checking Update Transfer status (git-fixes).\n- usb: dwc3: gadget: Skip reading GEVNTSIZn (git-fixes).\n- usb: dwc3: gadget: Wait for ep0 xfers to complete during dequeue (git-fixes).\n- usb: dwc3: Issue core soft reset before enabling run/stop (git-fixes).\n- usb: dwc3: omap: fix \u0027unbalanced disables for smps10_out1\u0027 on omap5evm (git-fixes).\n- usb: dwc3: pci: Add \u0027snps,dis_u2_susphy_quirk\u0027 for Intel Bay Trail (git-fixes).\n- usb: dwc3: pci: add support for the Intel Meteor Lake-P (git-fixes).\n- usb: dwc3: pci: add support for the Intel Raptor Lake-S (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (git-fixes).\n- usb: dwc3: pci: Set the swnode from inside dwc3_pci_quirks() (git-fixes).\n- usb: dwc3: Try usb-role-switch first in dwc3_drd_init (git-fixes).\n- usb: dwc3: xilinx: fix uninitialized return value (git-fixes).\n- usb: ehci: add pci device support for Aspeed platforms (git-fixes).\n- usb: ehci-omap: drop unused ehci_read() function (git-fixes).\n- usb: f_fs: Fix use-after-free for epfile (git-fixes).\n- usb: Fix xhci event ring dequeue pointer ERDP update issue (git-fixes).\n- usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() (git-fixes).\n- usb: gadget: eliminate anonymous module_init and module_exit (git-fixes).\n- usb: gadget: f_fs: change ep-\u003eep safe in ffs_epfile_io() (git-fixes).\n- usb: gadget: f_fs: change ep-\u003estatus safe in ffs_epfile_io() (git-fixes).\n- USB: gadget: Fix double-free bug in raw_gadget driver (git-fixes).\n- usb: gadget: Fix non-unique driver names in raw-gadget driver (git-fixes).\n- usb: gadget: fix race when gadget driver register via ioctl (git-fixes).\n- usb: gadget: Fix use-after-free bug by not setting udc-\u003edev.driver (git-fixes).\n- usb: gadget: f_uac2: Define specific wTerminalType (git-fixes).\n- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- usb: gadget: rndis: check size of RNDIS_MSG_SET command (git-fixes).\n- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).\n- usb: gadget: tegra-xudc: Do not program SPARAM (git-fixes).\n- usb: gadget: tegra-xudc: Fix control endpoint\u0027s definitions (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition (git-fixes).\n- usb: gadget: u_ether: fix regression in setting fixed MAC address (git-fixes).\n- usb: gadget: uvc: allow for application to cleanly shutdown (git-fixes).\n- usb: gadget: uvc: Fix crash when encoding data for usb request (git-fixes).\n- usb: gadget: uvc: rename function to be more consistent (git-fixes).\n- usb: gadget: validate endpoint index for xilinx udc (git-fixes).\n- usb: gadget: validate interface OS descriptor requests (git-fixes).\n- usb: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).\n- usb: hcd-pci: Use PCI_STD_NUM_BARS when checking standard BARs (git-fixes).\n- usb: host: isp116x: check return value after calling platform_get_resource() (git-fixes).\n- usb: isp1760: Fix out-of-bounds array access (git-fixes).\n- usb: misc: fix improper handling of refcount in uss720_probe() (git-fixes).\n- usb: mtu3: fix USB 3.0 dual-role-switch from device to host (git-fixes).\n- usb: musb: Fix missing of_node_put() in omap2430_probe (git-fixes).\n- usbnet: fix memory allocation in helpers (git-fixes).\n- usb: new quirk for Dell Gen 2 devices (git-fixes).\n- usb: phy: generic: Get the vbus supply (git-fixes).\n- usb: quirks: add a Realtek card reader (git-fixes).\n- usb: quirks: add STRING quirk for VCOM device (git-fixes).\n- usb: raw-gadget: fix handling of dual-direction-capable endpoints (git-fixes).\n- usb: serial: ch341: add support for GW Instek USB2.0-Serial devices (git-fixes).\n- usb: serial: cp210x: add CPI Bulk Coin Recycler id (git-fixes).\n- usb: serial: cp210x: add NCR Retail IO box id (git-fixes).\n- usb: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (git-fixes).\n- usb: serial: ftdi_sio: add support for Brainboxes US-159/235/320 (git-fixes).\n- usb: serial: io_ti: add Agilent E5805A support (git-fixes).\n- usb: serial: option: add Fibocom L610 modem (git-fixes).\n- usb: serial: option: add Fibocom MA510 modem (git-fixes).\n- usb: serial: option: add Quectel BG95 modem (git-fixes).\n- USB: serial: option: add Quectel EM05-G modem (git-fixes).\n- USB: serial: option: add Quectel RM500K module support (git-fixes).\n- usb: serial: option: add support for Cinterion MV31 with new baseline (git-fixes).\n- usb: serial: option: add support for Cinterion MV32-WA/MV32-WB (git-fixes).\n- usb: serial: option: add support for DW5829e (git-fixes).\n- usb: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (git-fixes).\n- USB: serial: option: add Telit LE910Cx 0x1250 composition (git-fixes).\n- usb: serial: option: add Telit LE910R1 compositions (git-fixes).\n- usb: serial: option: add ZTE MF286D modem (git-fixes).\n- usb: serial: pl2303: add device id for HP LM930 Display (git-fixes).\n- usb: serial: pl2303: add IBM device IDs (git-fixes).\n- USB: serial: pl2303: add support for more HXN (G) types (git-fixes).\n- usb: serial: pl2303: fix GS type detection (git-fixes).\n- usb: serial: pl2303: fix type detection for odd device (git-fixes).\n- usb: serial: qcserial: add support for Sierra Wireless EM7590 (git-fixes).\n- usb: serial: simple: add Nokia phone driver (git-fixes).\n- usb: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (git-fixes).\n- usb: storage: karma: fix rio_karma_init return (git-fixes).\n- usb: storage: ums-realtek: fix error code in rts51x_read_mem() (git-fixes).\n- usb: typec: mux: Check dev_set_name() return value (git-fixes).\n- usb: typec: tcpci: Do not skip cleanup in .remove() on error (git-fixes).\n- usb: typec: tcpci_mt6360: Update for BMC PHY setting (git-fixes).\n- usb: typec: tipd: Forward plug orientation to typec subsystem (git-fixes).\n- usb: typec: ucsi: Fix reuse of completion structure (git-fixes).\n- usb: typec: ucsi: Fix role swapping (git-fixes).\n- usb: ulpi: Call of_node_put correctly (git-fixes).\n- usb: ulpi: Move of_node_put to ulpi_dev_release (git-fixes).\n- usb: usbip: add missing device lock on tweak configuration cmd (git-fixes).\n- usb: usbip: eliminate anonymous module_init and module_exit (git-fixes).\n- usb: usbip: fix a refcount leak in stub_probe() (git-fixes).\n- usb: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c (git-fixes).\n- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).\n- usb: xhci: tegra:Fix PM usage reference leak of tegra_xusb_unpowergate_partitions (git-fixes).\n- usb: zaurus: support another broken Zaurus (git-fixes).\n- vdpasim: allow to enable a vq repeatedly (git-fixes).\n- veth: Ensure eth header is in skb\u0027s linear part (git-fixes).\n- veth: fix races around rq-\u003erx_notify_masked (git-fixes).\n- vfio/ccw: Remove unneeded GFP_DMA (git-fixes).\n- vhost_vdpa: do not setup irq offloading when irq_num 0 (git-fixes).\n- vhost/vsock: do not check owner in vhost_vsock_stop() while releasing (git-fixes).\n- vhost/vsock: fix incorrect used length reported to the guest (git-fixes).\n- video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (git-fixes).\n- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).\n- video: fbdev: cirrusfb: check pixclock to avoid divide by zero (git-fixes).\n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (git-fixes).\n- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).\n- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow (git-fixes).\n- video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit (git-fixes).\n- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).\n- video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() (git-fixes).\n- video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() (git-fixes).\n- video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (git-fixes).\n- video: fbdev: sm712fb: Fix crash in smtcfb_read() (git-fixes).\n- video: fbdev: sm712fb: Fix crash in smtcfb_write() (git-fixes).\n- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).\n- video: fbdev: udlfb: properly check endpoint type (bsc#1190497)\n- video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit (git-fixes).\n- video: fbdev: w100fb: Reset global state (git-fixes).\n- virtio-blk: Do not use MAX_DISCARD_SEGMENTS if max_discard_seg is zero (git-fixes).\n- virtio_blk: eliminate anonymous module_init and module_exit (git-fixes).\n- virtio_blk: fix the discard_granularity and discard_alignment queue limits (git-fixes).\n- virtio_console: break out of buf poll on remove (git-fixes).\n- virtio_console: eliminate anonymous module_init and module_exit (git-fixes).\n- virtio: fix virtio transitional ids (git-fixes).\n- virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (git-fixes).\n- virtio-net: fix for skb_over_panic inside big mode (git-fixes).\n- virtio-net: fix race between ndo_open() and virtio_device_ready() (git-fixes).\n- virtio_net: fix wrong buf address calculation when using xdp (git-fixes).\n- virtio_net: fix xdp_rxq_info bug after suspend/resume (git-fixes).\n- virtio-net: realign page_to_skb() after merges (git-fixes).\n- virtio: pci: Fix an error handling path in vp_modern_probe() (git-fixes).\n- virtio-pci: Remove wrong address verification in vp_del_vqs() (git-fixes).\n- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).\n- vringh: Fix loop descriptors check in the indirect cases (git-fixes).\n- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).\n- vsprintf: Fix potential unaligned access (bsc#1198379).\n- vt_ioctl: add array_index_nospec to VT_ACTIVATE (git-fixes).\n- vt_ioctl: fix array_index_nospec in vt_setactivate (git-fixes).\n- vxcan: enable local echo for sent CAN frames (git-fixes).\n- w1: w1_therm: fixes w1_seq for ds28ea00 sensors (git-fixes).\n- watchdog: rti-wdt: Add missing pm_runtime_disable() in probe function (git-fixes).\n- watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking (git-fixes).\n- Watchdog: sp5100_tco: Add initialization using EFCH MMIO (bsc#1199260).\n- watchdog: sp5100_tco: Add support for get_timeleft (bsc#1199260).\n- Watchdog: sp5100_tco: Enable Family 17h+ CPUs (bsc#1199260).\n- Watchdog: sp5100_tco: Move timer initialization into function (bsc#1199260).\n- Watchdog: sp5100_tco: Refactor MMIO base address initialization (bsc#1199260).\n- watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (git-fixes).\n- watchdog: wdat_wdt: Stop watchdog when rebooting the system (git-fixes).\n- watch_queue: Actually free the watch (git-fixes).\n- watch_queue: Fix NULL dereference in error cleanup (git-fixes).\n- watch_queue: Free the page array when watch_queue is dismantled (git-fixes).\n- wcn36xx: Differentiate wcn3660 from wcn3620 (git-fixes).\n- wifi: mac80211: fix use-after-free in chanctx code (git-fixes).\n- wilc1000: fix crash observed in AP mode with cfg80211_register_netdevice() (git-fixes).\n- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).\n- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).\n- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).\n- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).\n- writeback: Avoid skipping inode writeback (bsc#1200813).\n- writeback: Fix inode-\u003ei_io_list not be protected by inode-\u003ei_lock error (bsc#1200821).\n- x86/boot: Add setup_indirect support in early_memremap_is_setup_data() (bsc#1190497).\n- x86/boot: Fix memremap of setup_indirect structures (bsc#1190497).\n- x86/cc: Move arch/x86/{kernel/cc_platform.c  coco/core.c} (jsc#SLE-19924).\n- x86/coco: Add API to handle encryption mask (jsc#SLE-19924).\n- x86/coco: Explicitly declare type of confidential computing platform (jsc#SLE-19924).\n- x86/cpu: Add Xeon Icelake-D to list of CPUs that support PPIN (bsc#1190497).\n- x86/cpufeatures: Re-enable ENQCMD (jsc#SLE-24350).\n- x86/cpu: Load microcode during restore_processor_state() (bsc#1190497).\n- x86/fpu: Clear PASID when copying fpstate (jsc#SLE-24350).\n- x86/kprobes: Add UNWIND_HINT_FUNC on kretprobe_trampoline() (bsc#1193277).\n- x86/kprobes: Fixup return address in generic trampoline handler (bsc#1193277).\n- x86/kprobes: Push a fake return address at kretprobe_trampoline (bsc#1193277).\n- x86/kvmclock: Fix Hyper-V Isolated VM boot issue when vCPUs 64 (bsc#1183682).\n- x86/kvm: Do not waste memory if kvmclock is disabled (bsc#1183682).\n- x86/MCE/AMD: Allow thresholding interface updates after init (bsc#1190497).\n- x86/mm/cpa: Generalize __set_memory_enc_pgtable() (jsc#SLE-19924).\n- x86/module: Fix the paravirt vs alternative order (bsc#1190497).\n- x86/pm: Save the MSR validity status at context setup (bsc#1190497).\n- x86/ptrace: Fix xfpregs_set() incorrect xmm clearing (bsc#1190497).\n- x86/speculation: Restore speculation related MSRs during S3 resume (bsc#1190497).\n- x86/traps: Demand-populate PASID MSR via #GP (jsc#SLE-24350).\n- x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1190497).\n- x86/tsx: Use MSR_TSX_CTRL to clear CPUID bits (bsc#1190497).\n- x86/unwind: kABI workaround for unwind_state changes (bsc#1193277).\n- x86/unwind: Recover kretprobe trampoline entry (bsc#1193277).\n- xen/blkfront: fix comment for need_copy (git-fixes).\n- xen: fix is_xen_pmu() (git-fixes).\n- xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (bsc#1201218).\n- xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1193556).\n- xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1193556).\n- xfs: drop async cache flushes from CIL commits (bsc#1195669).\n- xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI (git-fixes).\n- xhci: Enable runtime PM on second Alderlake controller (git-fixes).\n- xhci: fix garbage USBSTS being logged in some cases (git-fixes).\n- xhci: fix runtime PM imbalance in USB2 resume (git-fixes).\n- xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx() (git-fixes).\n- xhci: increase usb U3 U0 link resume timeout from 100ms to 500ms (git-fixes).\n- xhci: make xhci_handshake timeout for xhci_reset() adjustable (git-fixes).\n- xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI (git-fixes).\n- xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI (git-fixes).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n- xhci: stop polling roothubs after shutdown (git-fixes).\n- xhci: turn off port power in shutdown (git-fixes).\n- xsk: Do not write NULL in SW ring at allocation failure (jsc#SLE-18375).\n- zsmalloc: decouple class actions from zspage works (bsc#1189998).\n- zsmalloc: introduce obj_allocated (bsc#1189998).\n- zsmalloc: introduce some helper functions (bsc#1189998).\n- zsmalloc: move huge compressed obj from page to zspage (bsc#1189998).\n- zsmalloc: remove zspage isolation for migration (bsc#1189998).\n- zsmalloc: rename zs_stat_type to class_stat_type (bsc#1189998).\n- zsmalloc: replace get_cpu_var with local_lock (bsc#1189998).\n- zsmalloc: replace per zpage lock with pool migrate_lock (bsc#1189998).\n- zsmalloc: Stop using slab fields in struct page (bsc#1189998 bsc#1190208).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-2615,SUSE-SLE-Module-Public-Cloud-15-SP4-2022-2615,openSUSE-SLE-15.4-2022-2615",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2615-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:2615-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222615-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:2615-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011728.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1055117",
        "url": "https://bugzilla.suse.com/1055117"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1061840",
        "url": "https://bugzilla.suse.com/1061840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1065729",
        "url": "https://bugzilla.suse.com/1065729"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1071995",
        "url": "https://bugzilla.suse.com/1071995"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1089644",
        "url": "https://bugzilla.suse.com/1089644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103269",
        "url": "https://bugzilla.suse.com/1103269"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1118212",
        "url": "https://bugzilla.suse.com/1118212"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1121726",
        "url": "https://bugzilla.suse.com/1121726"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1137728",
        "url": "https://bugzilla.suse.com/1137728"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1156395",
        "url": "https://bugzilla.suse.com/1156395"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157038",
        "url": "https://bugzilla.suse.com/1157038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157923",
        "url": "https://bugzilla.suse.com/1157923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1175667",
        "url": "https://bugzilla.suse.com/1175667"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179639",
        "url": "https://bugzilla.suse.com/1179639"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1180814",
        "url": "https://bugzilla.suse.com/1180814"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1183682",
        "url": "https://bugzilla.suse.com/1183682"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1183872",
        "url": "https://bugzilla.suse.com/1183872"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1184318",
        "url": "https://bugzilla.suse.com/1184318"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1184924",
        "url": "https://bugzilla.suse.com/1184924"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1187716",
        "url": "https://bugzilla.suse.com/1187716"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1188885",
        "url": "https://bugzilla.suse.com/1188885"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189998",
        "url": "https://bugzilla.suse.com/1189998"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190137",
        "url": "https://bugzilla.suse.com/1190137"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190208",
        "url": "https://bugzilla.suse.com/1190208"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190336",
        "url": "https://bugzilla.suse.com/1190336"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190497",
        "url": "https://bugzilla.suse.com/1190497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190768",
        "url": "https://bugzilla.suse.com/1190768"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190786",
        "url": "https://bugzilla.suse.com/1190786"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190812",
        "url": "https://bugzilla.suse.com/1190812"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191271",
        "url": "https://bugzilla.suse.com/1191271"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191663",
        "url": "https://bugzilla.suse.com/1191663"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192483",
        "url": "https://bugzilla.suse.com/1192483"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193064",
        "url": "https://bugzilla.suse.com/1193064"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193277",
        "url": "https://bugzilla.suse.com/1193277"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193289",
        "url": "https://bugzilla.suse.com/1193289"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193431",
        "url": "https://bugzilla.suse.com/1193431"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193556",
        "url": "https://bugzilla.suse.com/1193556"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193629",
        "url": "https://bugzilla.suse.com/1193629"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193640",
        "url": "https://bugzilla.suse.com/1193640"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193823",
        "url": "https://bugzilla.suse.com/1193823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193852",
        "url": "https://bugzilla.suse.com/1193852"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194086",
        "url": "https://bugzilla.suse.com/1194086"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194111",
        "url": "https://bugzilla.suse.com/1194111"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194191",
        "url": "https://bugzilla.suse.com/1194191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194409",
        "url": "https://bugzilla.suse.com/1194409"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194501",
        "url": "https://bugzilla.suse.com/1194501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194523",
        "url": "https://bugzilla.suse.com/1194523"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194526",
        "url": "https://bugzilla.suse.com/1194526"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194583",
        "url": "https://bugzilla.suse.com/1194583"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194585",
        "url": "https://bugzilla.suse.com/1194585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194586",
        "url": "https://bugzilla.suse.com/1194586"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194625",
        "url": "https://bugzilla.suse.com/1194625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194765",
        "url": "https://bugzilla.suse.com/1194765"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194826",
        "url": "https://bugzilla.suse.com/1194826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194869",
        "url": "https://bugzilla.suse.com/1194869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195099",
        "url": "https://bugzilla.suse.com/1195099"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195287",
        "url": "https://bugzilla.suse.com/1195287"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195478",
        "url": "https://bugzilla.suse.com/1195478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195482",
        "url": "https://bugzilla.suse.com/1195482"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195504",
        "url": "https://bugzilla.suse.com/1195504"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195651",
        "url": "https://bugzilla.suse.com/1195651"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195668",
        "url": "https://bugzilla.suse.com/1195668"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195669",
        "url": "https://bugzilla.suse.com/1195669"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195775",
        "url": "https://bugzilla.suse.com/1195775"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195823",
        "url": "https://bugzilla.suse.com/1195823"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195826",
        "url": "https://bugzilla.suse.com/1195826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195913",
        "url": "https://bugzilla.suse.com/1195913"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195915",
        "url": "https://bugzilla.suse.com/1195915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195926",
        "url": "https://bugzilla.suse.com/1195926"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195944",
        "url": "https://bugzilla.suse.com/1195944"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195957",
        "url": "https://bugzilla.suse.com/1195957"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196114",
        "url": "https://bugzilla.suse.com/1196114"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196130",
        "url": "https://bugzilla.suse.com/1196130"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196213",
        "url": "https://bugzilla.suse.com/1196213"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196306",
        "url": "https://bugzilla.suse.com/1196306"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196367",
        "url": "https://bugzilla.suse.com/1196367"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196400",
        "url": "https://bugzilla.suse.com/1196400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196426",
        "url": "https://bugzilla.suse.com/1196426"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196478",
        "url": "https://bugzilla.suse.com/1196478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196514",
        "url": "https://bugzilla.suse.com/1196514"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196570",
        "url": "https://bugzilla.suse.com/1196570"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196869",
        "url": "https://bugzilla.suse.com/1196869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196901",
        "url": "https://bugzilla.suse.com/1196901"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196930",
        "url": "https://bugzilla.suse.com/1196930"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196942",
        "url": "https://bugzilla.suse.com/1196942"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196960",
        "url": "https://bugzilla.suse.com/1196960"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197016",
        "url": "https://bugzilla.suse.com/1197016"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197157",
        "url": "https://bugzilla.suse.com/1197157"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197227",
        "url": "https://bugzilla.suse.com/1197227"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197243",
        "url": "https://bugzilla.suse.com/1197243"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197292",
        "url": "https://bugzilla.suse.com/1197292"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197302",
        "url": "https://bugzilla.suse.com/1197302"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197303",
        "url": "https://bugzilla.suse.com/1197303"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197304",
        "url": "https://bugzilla.suse.com/1197304"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197362",
        "url": "https://bugzilla.suse.com/1197362"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197386",
        "url": "https://bugzilla.suse.com/1197386"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197501",
        "url": "https://bugzilla.suse.com/1197501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197601",
        "url": "https://bugzilla.suse.com/1197601"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197661",
        "url": "https://bugzilla.suse.com/1197661"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197675",
        "url": "https://bugzilla.suse.com/1197675"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197761",
        "url": "https://bugzilla.suse.com/1197761"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197817",
        "url": "https://bugzilla.suse.com/1197817"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197819",
        "url": "https://bugzilla.suse.com/1197819"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197820",
        "url": "https://bugzilla.suse.com/1197820"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197888",
        "url": "https://bugzilla.suse.com/1197888"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197889",
        "url": "https://bugzilla.suse.com/1197889"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197894",
        "url": "https://bugzilla.suse.com/1197894"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197915",
        "url": "https://bugzilla.suse.com/1197915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197917",
        "url": "https://bugzilla.suse.com/1197917"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197918",
        "url": "https://bugzilla.suse.com/1197918"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197920",
        "url": "https://bugzilla.suse.com/1197920"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197921",
        "url": "https://bugzilla.suse.com/1197921"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197922",
        "url": "https://bugzilla.suse.com/1197922"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1197926",
        "url": "https://bugzilla.suse.com/1197926"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198009",
        "url": "https://bugzilla.suse.com/1198009"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198010",
        "url": "https://bugzilla.suse.com/1198010"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198012",
        "url": "https://bugzilla.suse.com/1198012"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198013",
        "url": "https://bugzilla.suse.com/1198013"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198014",
        "url": "https://bugzilla.suse.com/1198014"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198015",
        "url": "https://bugzilla.suse.com/1198015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198016",
        "url": "https://bugzilla.suse.com/1198016"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198017",
        "url": "https://bugzilla.suse.com/1198017"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198018",
        "url": "https://bugzilla.suse.com/1198018"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198019",
        "url": "https://bugzilla.suse.com/1198019"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198020",
        "url": "https://bugzilla.suse.com/1198020"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198021",
        "url": "https://bugzilla.suse.com/1198021"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198022",
        "url": "https://bugzilla.suse.com/1198022"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198023",
        "url": "https://bugzilla.suse.com/1198023"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198024",
        "url": "https://bugzilla.suse.com/1198024"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198027",
        "url": "https://bugzilla.suse.com/1198027"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198030",
        "url": "https://bugzilla.suse.com/1198030"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198034",
        "url": "https://bugzilla.suse.com/1198034"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198058",
        "url": "https://bugzilla.suse.com/1198058"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198217",
        "url": "https://bugzilla.suse.com/1198217"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198379",
        "url": "https://bugzilla.suse.com/1198379"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198400",
        "url": "https://bugzilla.suse.com/1198400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198402",
        "url": "https://bugzilla.suse.com/1198402"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198412",
        "url": "https://bugzilla.suse.com/1198412"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198413",
        "url": "https://bugzilla.suse.com/1198413"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198438",
        "url": "https://bugzilla.suse.com/1198438"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198484",
        "url": "https://bugzilla.suse.com/1198484"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198577",
        "url": "https://bugzilla.suse.com/1198577"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198585",
        "url": "https://bugzilla.suse.com/1198585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198660",
        "url": "https://bugzilla.suse.com/1198660"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198802",
        "url": "https://bugzilla.suse.com/1198802"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198803",
        "url": "https://bugzilla.suse.com/1198803"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198806",
        "url": "https://bugzilla.suse.com/1198806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198811",
        "url": "https://bugzilla.suse.com/1198811"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198826",
        "url": "https://bugzilla.suse.com/1198826"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198835",
        "url": "https://bugzilla.suse.com/1198835"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198968",
        "url": "https://bugzilla.suse.com/1198968"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198971",
        "url": "https://bugzilla.suse.com/1198971"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199011",
        "url": "https://bugzilla.suse.com/1199011"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199024",
        "url": "https://bugzilla.suse.com/1199024"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199035",
        "url": "https://bugzilla.suse.com/1199035"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199046",
        "url": "https://bugzilla.suse.com/1199046"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199052",
        "url": "https://bugzilla.suse.com/1199052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199063",
        "url": "https://bugzilla.suse.com/1199063"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199163",
        "url": "https://bugzilla.suse.com/1199163"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199173",
        "url": "https://bugzilla.suse.com/1199173"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199260",
        "url": "https://bugzilla.suse.com/1199260"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199314",
        "url": "https://bugzilla.suse.com/1199314"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199390",
        "url": "https://bugzilla.suse.com/1199390"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199426",
        "url": "https://bugzilla.suse.com/1199426"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199433",
        "url": "https://bugzilla.suse.com/1199433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199439",
        "url": "https://bugzilla.suse.com/1199439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199482",
        "url": "https://bugzilla.suse.com/1199482"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199487",
        "url": "https://bugzilla.suse.com/1199487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199505",
        "url": "https://bugzilla.suse.com/1199505"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199507",
        "url": "https://bugzilla.suse.com/1199507"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199605",
        "url": "https://bugzilla.suse.com/1199605"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199611",
        "url": "https://bugzilla.suse.com/1199611"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199626",
        "url": "https://bugzilla.suse.com/1199626"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199631",
        "url": "https://bugzilla.suse.com/1199631"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199650",
        "url": "https://bugzilla.suse.com/1199650"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199657",
        "url": "https://bugzilla.suse.com/1199657"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199674",
        "url": "https://bugzilla.suse.com/1199674"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199736",
        "url": "https://bugzilla.suse.com/1199736"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199793",
        "url": "https://bugzilla.suse.com/1199793"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199839",
        "url": "https://bugzilla.suse.com/1199839"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199875",
        "url": "https://bugzilla.suse.com/1199875"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199909",
        "url": "https://bugzilla.suse.com/1199909"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200015",
        "url": "https://bugzilla.suse.com/1200015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200019",
        "url": "https://bugzilla.suse.com/1200019"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200045",
        "url": "https://bugzilla.suse.com/1200045"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200046",
        "url": "https://bugzilla.suse.com/1200046"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200144",
        "url": "https://bugzilla.suse.com/1200144"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200205",
        "url": "https://bugzilla.suse.com/1200205"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200211",
        "url": "https://bugzilla.suse.com/1200211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200259",
        "url": "https://bugzilla.suse.com/1200259"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200263",
        "url": "https://bugzilla.suse.com/1200263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200284",
        "url": "https://bugzilla.suse.com/1200284"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200315",
        "url": "https://bugzilla.suse.com/1200315"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200343",
        "url": "https://bugzilla.suse.com/1200343"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200420",
        "url": "https://bugzilla.suse.com/1200420"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200442",
        "url": "https://bugzilla.suse.com/1200442"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200475",
        "url": "https://bugzilla.suse.com/1200475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200502",
        "url": "https://bugzilla.suse.com/1200502"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200567",
        "url": "https://bugzilla.suse.com/1200567"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200569",
        "url": "https://bugzilla.suse.com/1200569"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200571",
        "url": "https://bugzilla.suse.com/1200571"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200572",
        "url": "https://bugzilla.suse.com/1200572"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200599",
        "url": "https://bugzilla.suse.com/1200599"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200600",
        "url": "https://bugzilla.suse.com/1200600"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200608",
        "url": "https://bugzilla.suse.com/1200608"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200611",
        "url": "https://bugzilla.suse.com/1200611"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200619",
        "url": "https://bugzilla.suse.com/1200619"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200692",
        "url": "https://bugzilla.suse.com/1200692"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200762",
        "url": "https://bugzilla.suse.com/1200762"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200763",
        "url": "https://bugzilla.suse.com/1200763"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200806",
        "url": "https://bugzilla.suse.com/1200806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200807",
        "url": "https://bugzilla.suse.com/1200807"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200808",
        "url": "https://bugzilla.suse.com/1200808"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200809",
        "url": "https://bugzilla.suse.com/1200809"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200810",
        "url": "https://bugzilla.suse.com/1200810"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200812",
        "url": "https://bugzilla.suse.com/1200812"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200815",
        "url": "https://bugzilla.suse.com/1200815"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200816",
        "url": "https://bugzilla.suse.com/1200816"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200820",
        "url": "https://bugzilla.suse.com/1200820"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200822",
        "url": "https://bugzilla.suse.com/1200822"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200824",
        "url": "https://bugzilla.suse.com/1200824"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200825",
        "url": "https://bugzilla.suse.com/1200825"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200827",
        "url": "https://bugzilla.suse.com/1200827"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200828",
        "url": "https://bugzilla.suse.com/1200828"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200829",
        "url": "https://bugzilla.suse.com/1200829"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200830",
        "url": "https://bugzilla.suse.com/1200830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200845",
        "url": "https://bugzilla.suse.com/1200845"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200882",
        "url": "https://bugzilla.suse.com/1200882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200925",
        "url": "https://bugzilla.suse.com/1200925"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201050",
        "url": "https://bugzilla.suse.com/1201050"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201160",
        "url": "https://bugzilla.suse.com/1201160"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201171",
        "url": "https://bugzilla.suse.com/1201171"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201177",
        "url": "https://bugzilla.suse.com/1201177"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201193",
        "url": "https://bugzilla.suse.com/1201193"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201196",
        "url": "https://bugzilla.suse.com/1201196"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201218",
        "url": "https://bugzilla.suse.com/1201218"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201222",
        "url": "https://bugzilla.suse.com/1201222"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201228",
        "url": "https://bugzilla.suse.com/1201228"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201251",
        "url": "https://bugzilla.suse.com/1201251"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 150300",
        "url": "https://bugzilla.suse.com/150300"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-26341 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-26341/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33061 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33061/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-4204 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-4204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45402 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0264 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0264/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0494 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1012 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1012/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1016 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1016/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1184 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1198 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1198/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1205 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1205/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1508 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1508/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1651 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1651/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1652 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1652/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1671 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1671/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1679 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1679/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1729 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1729/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1734 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1789 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1852 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1852/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1966 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1972 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1974 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1998 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1998/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-20132 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-20132/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-20154 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-20154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21123 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21123/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21125 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21125/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21127 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21127/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21166 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21166/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21180 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-21499 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-21499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2318 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2318/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23222 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23222/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26365 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29582 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29582/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29900 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29900/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29901 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29901/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30594 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30594/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33740 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33741 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33742 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33743 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33981 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33981/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-34918 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-34918/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-08-01T08:42:02Z",
      "generator": {
        "date": "2022-08-01T08:42:02Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:2615-1",
      "initial_release_date": "2022-08-01T08:42:02Z",
      "revision_history": [
        {
          "date": "2022-08-01T08:42:02Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kernel-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kernel-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kernel-azure-extra-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kernel-azure-optional-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
                  "product_id": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
                "product": {
                  "name": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
                  "product_id": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-azure-5.14.21-150400.14.7.1.noarch",
                "product": {
                  "name": "kernel-source-azure-5.14.21-150400.14.7.1.noarch",
                  "product_id": "kernel-source-azure-5.14.21-150400.14.7.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kernel-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kernel-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kernel-azure-extra-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kernel-azure-optional-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64",
                  "product_id": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-5.14.21-150400.14.7.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-5.14.21-150400.14.7.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch"
        },
        "product_reference": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-azure-5.14.21-150400.14.7.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch"
        },
        "product_reference": "kernel-source-azure-5.14.21-150400.14.7.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-extra-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-extra-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-optional-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-optional-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch"
        },
        "product_reference": "kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-azure-5.14.21-150400.14.7.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch"
        },
        "product_reference": "kernel-source-azure-5.14.21-150400.14.7.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26341",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-26341"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-26341",
          "url": "https://www.suse.com/security/cve/CVE-2021-26341"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2021-26341",
          "url": "https://bugzilla.suse.com/1196901"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201050 for CVE-2021-26341",
          "url": "https://bugzilla.suse.com/1201050"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-26341"
    },
    {
      "cve": "CVE-2021-33061",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33061"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33061",
          "url": "https://www.suse.com/security/cve/CVE-2021-33061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196426 for CVE-2021-33061",
          "url": "https://bugzilla.suse.com/1196426"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-33061"
    },
    {
      "cve": "CVE-2021-4204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-4204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds (OOB) memory access flaw was found in the Linux kernel\u0027s eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-4204",
          "url": "https://www.suse.com/security/cve/CVE-2021-4204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194111 for CVE-2021-4204",
          "url": "https://bugzilla.suse.com/1194111"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-4204"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45402",
          "url": "https://www.suse.com/security/cve/CVE-2021-45402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196130 for CVE-2021-45402",
          "url": "https://bugzilla.suse.com/1196130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45402"
    },
    {
      "cve": "CVE-2022-0264",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0264"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions \u003c v5.16-rc6",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0264",
          "url": "https://www.suse.com/security/cve/CVE-2022-0264"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194826 for CVE-2022-0264",
          "url": "https://bugzilla.suse.com/1194826"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0264"
    },
    {
      "cve": "CVE-2022-0494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0494",
          "url": "https://www.suse.com/security/cve/CVE-2022-0494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197386 for CVE-2022-0494",
          "url": "https://bugzilla.suse.com/1197386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207783 for CVE-2022-0494",
          "url": "https://bugzilla.suse.com/1207783"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0494"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-1012",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1012"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1012",
          "url": "https://www.suse.com/security/cve/CVE-2022-1012"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199482 for CVE-2022-1012",
          "url": "https://bugzilla.suse.com/1199482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199694 for CVE-2022-1012",
          "url": "https://bugzilla.suse.com/1199694"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202335 for CVE-2022-1012",
          "url": "https://bugzilla.suse.com/1202335"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1012"
    },
    {
      "cve": "CVE-2022-1016",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1016"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle \u0027return\u0027 with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1016",
          "url": "https://www.suse.com/security/cve/CVE-2022-1016"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197335 for CVE-2022-1016",
          "url": "https://bugzilla.suse.com/1197335"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1016"
    },
    {
      "cve": "CVE-2022-1184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u0027s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1184",
          "url": "https://www.suse.com/security/cve/CVE-2022-1184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198577 for CVE-2022-1184",
          "url": "https://bugzilla.suse.com/1198577"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210859 for CVE-2022-1184",
          "url": "https://bugzilla.suse.com/1210859"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1184"
    },
    {
      "cve": "CVE-2022-1198",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1198"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1198",
          "url": "https://www.suse.com/security/cve/CVE-2022-1198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198030 for CVE-2022-1198",
          "url": "https://bugzilla.suse.com/1198030"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1198"
    },
    {
      "cve": "CVE-2022-1205",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1205"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1205",
          "url": "https://www.suse.com/security/cve/CVE-2022-1205"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198027 for CVE-2022-1205",
          "url": "https://bugzilla.suse.com/1198027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1205"
    },
    {
      "cve": "CVE-2022-1508",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1508"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds read flaw was found in the Linux kernel\u0027s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1508",
          "url": "https://www.suse.com/security/cve/CVE-2022-1508"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198968 for CVE-2022-1508",
          "url": "https://bugzilla.suse.com/1198968"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1508"
    },
    {
      "cve": "CVE-2022-1651",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1651"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1651",
          "url": "https://www.suse.com/security/cve/CVE-2022-1651"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199433 for CVE-2022-1651",
          "url": "https://bugzilla.suse.com/1199433"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1651"
    },
    {
      "cve": "CVE-2022-1652",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1652"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1652",
          "url": "https://www.suse.com/security/cve/CVE-2022-1652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199063 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1199063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200057 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1200057"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200751 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1200751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201034 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1201034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1201832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212307 for CVE-2022-1652",
          "url": "https://bugzilla.suse.com/1212307"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1652"
    },
    {
      "cve": "CVE-2022-1671",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1671"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1671",
          "url": "https://www.suse.com/security/cve/CVE-2022-1671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199439 for CVE-2022-1671",
          "url": "https://bugzilla.suse.com/1199439"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1671"
    },
    {
      "cve": "CVE-2022-1679",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1679"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1679",
          "url": "https://www.suse.com/security/cve/CVE-2022-1679"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199487 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1199487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201080 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1201080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1201832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212316 for CVE-2022-1679",
          "url": "https://bugzilla.suse.com/1212316"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1679"
    },
    {
      "cve": "CVE-2022-1729",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1729"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1729",
          "url": "https://www.suse.com/security/cve/CVE-2022-1729"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199507 for CVE-2022-1729",
          "url": "https://bugzilla.suse.com/1199507"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199697 for CVE-2022-1729",
          "url": "https://bugzilla.suse.com/1199697"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1729",
          "url": "https://bugzilla.suse.com/1201832"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1729"
    },
    {
      "cve": "CVE-2022-1734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1734",
          "url": "https://www.suse.com/security/cve/CVE-2022-1734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199605 for CVE-2022-1734",
          "url": "https://bugzilla.suse.com/1199605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199606 for CVE-2022-1734",
          "url": "https://bugzilla.suse.com/1199606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201832 for CVE-2022-1734",
          "url": "https://bugzilla.suse.com/1201832"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1734"
    },
    {
      "cve": "CVE-2022-1789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1789",
          "url": "https://www.suse.com/security/cve/CVE-2022-1789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199674 for CVE-2022-1789",
          "url": "https://bugzilla.suse.com/1199674"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1789"
    },
    {
      "cve": "CVE-2022-1852",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1852"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1852",
          "url": "https://www.suse.com/security/cve/CVE-2022-1852"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199875 for CVE-2022-1852",
          "url": "https://bugzilla.suse.com/1199875"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1852"
    },
    {
      "cve": "CVE-2022-1966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1966",
          "url": "https://www.suse.com/security/cve/CVE-2022-1966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200015 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200015"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200268 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200268"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200494 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200529 for CVE-2022-1966",
          "url": "https://bugzilla.suse.com/1200529"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1966"
    },
    {
      "cve": "CVE-2022-1972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1972",
          "url": "https://www.suse.com/security/cve/CVE-2022-1972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200019 for CVE-2022-1972",
          "url": "https://bugzilla.suse.com/1200019"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200266 for CVE-2022-1972",
          "url": "https://bugzilla.suse.com/1200266"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1972"
    },
    {
      "cve": "CVE-2022-1974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1974",
          "url": "https://www.suse.com/security/cve/CVE-2022-1974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200144 for CVE-2022-1974",
          "url": "https://bugzilla.suse.com/1200144"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200265 for CVE-2022-1974",
          "url": "https://bugzilla.suse.com/1200265"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1974"
    },
    {
      "cve": "CVE-2022-1998",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1998"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1998",
          "url": "https://www.suse.com/security/cve/CVE-2022-1998"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200284 for CVE-2022-1998",
          "url": "https://bugzilla.suse.com/1200284"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1998"
    },
    {
      "cve": "CVE-2022-20132",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-20132"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-20132",
          "url": "https://www.suse.com/security/cve/CVE-2022-20132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200619 for CVE-2022-20132",
          "url": "https://bugzilla.suse.com/1200619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212287 for CVE-2022-20132",
          "url": "https://bugzilla.suse.com/1212287"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-20132"
    },
    {
      "cve": "CVE-2022-20154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-20154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-20154",
          "url": "https://www.suse.com/security/cve/CVE-2022-20154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200599 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1200599"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200608 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1200608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224298 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1224298"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224878 for CVE-2022-20154",
          "url": "https://bugzilla.suse.com/1224878"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-20154"
    },
    {
      "cve": "CVE-2022-21123",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21123"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21123",
          "url": "https://www.suse.com/security/cve/CVE-2022-21123"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21123",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21123",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209075 for CVE-2022-21123",
          "url": "https://bugzilla.suse.com/1209075"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21123"
    },
    {
      "cve": "CVE-2022-21125",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21125"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21125",
          "url": "https://www.suse.com/security/cve/CVE-2022-21125"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21125",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21125",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209074 for CVE-2022-21125",
          "url": "https://bugzilla.suse.com/1209074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21125"
    },
    {
      "cve": "CVE-2022-21127",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21127"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21127",
          "url": "https://www.suse.com/security/cve/CVE-2022-21127"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21127",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21127",
          "url": "https://bugzilla.suse.com/1200549"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21127"
    },
    {
      "cve": "CVE-2022-21166",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21166"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21166",
          "url": "https://www.suse.com/security/cve/CVE-2022-21166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21166",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21166",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209073 for CVE-2022-21166",
          "url": "https://bugzilla.suse.com/1209073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21166"
    },
    {
      "cve": "CVE-2022-21180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21180",
          "url": "https://www.suse.com/security/cve/CVE-2022-21180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199650 for CVE-2022-21180",
          "url": "https://bugzilla.suse.com/1199650"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200549 for CVE-2022-21180",
          "url": "https://bugzilla.suse.com/1200549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212313 for CVE-2022-21180",
          "url": "https://bugzilla.suse.com/1212313"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-21180"
    },
    {
      "cve": "CVE-2022-21499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-21499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-21499",
          "url": "https://www.suse.com/security/cve/CVE-2022-21499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199426 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1199426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200059 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1200059"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203034 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1203034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1204132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212315 for CVE-2022-21499",
          "url": "https://bugzilla.suse.com/1212315"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-21499"
    },
    {
      "cve": "CVE-2022-2318",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2318"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2318",
          "url": "https://www.suse.com/security/cve/CVE-2022-2318"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201251 for CVE-2022-2318",
          "url": "https://bugzilla.suse.com/1201251"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212303 for CVE-2022-2318",
          "url": "https://bugzilla.suse.com/1212303"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-2318"
    },
    {
      "cve": "CVE-2022-23222",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23222"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23222",
          "url": "https://www.suse.com/security/cve/CVE-2022-23222"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194765 for CVE-2022-23222",
          "url": "https://bugzilla.suse.com/1194765"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-23222"
    },
    {
      "cve": "CVE-2022-26365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26365",
          "url": "https://www.suse.com/security/cve/CVE-2022-26365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-26365",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26365"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    },
    {
      "cve": "CVE-2022-29582",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29582"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29582",
          "url": "https://www.suse.com/security/cve/CVE-2022-29582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198811 for CVE-2022-29582",
          "url": "https://bugzilla.suse.com/1198811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199750 for CVE-2022-29582",
          "url": "https://bugzilla.suse.com/1199750"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-29582"
    },
    {
      "cve": "CVE-2022-29900",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29900"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29900",
          "url": "https://www.suse.com/security/cve/CVE-2022-29900"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199657 for CVE-2022-29900",
          "url": "https://bugzilla.suse.com/1199657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201469 for CVE-2022-29900",
          "url": "https://bugzilla.suse.com/1201469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207894 for CVE-2022-29900",
          "url": "https://bugzilla.suse.com/1207894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29900"
    },
    {
      "cve": "CVE-2022-29901",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29901"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29901",
          "url": "https://www.suse.com/security/cve/CVE-2022-29901"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201469 for CVE-2022-29901",
          "url": "https://bugzilla.suse.com/1201469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207894 for CVE-2022-29901",
          "url": "https://bugzilla.suse.com/1207894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29901"
    },
    {
      "cve": "CVE-2022-30594",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30594"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30594",
          "url": "https://www.suse.com/security/cve/CVE-2022-30594"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199505 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1199505"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199602 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1199602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201549 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1201549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-30594",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-30594"
    },
    {
      "cve": "CVE-2022-33740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33740",
          "url": "https://www.suse.com/security/cve/CVE-2022-33740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33740",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33740"
    },
    {
      "cve": "CVE-2022-33741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33741",
          "url": "https://www.suse.com/security/cve/CVE-2022-33741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33741",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33741"
    },
    {
      "cve": "CVE-2022-33742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33742",
          "url": "https://www.suse.com/security/cve/CVE-2022-33742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33742",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33742"
    },
    {
      "cve": "CVE-2022-33743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33743",
          "url": "https://www.suse.com/security/cve/CVE-2022-33743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200763 for CVE-2022-33743",
          "url": "https://bugzilla.suse.com/1200763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201629 for CVE-2022-33743",
          "url": "https://bugzilla.suse.com/1201629"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-33743"
    },
    {
      "cve": "CVE-2022-33981",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33981"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33981",
          "url": "https://www.suse.com/security/cve/CVE-2022-33981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200692 for CVE-2022-33981",
          "url": "https://bugzilla.suse.com/1200692"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33981"
    },
    {
      "cve": "CVE-2022-34918",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-34918"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
          "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-34918",
          "url": "https://www.suse.com/security/cve/CVE-2022-34918"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201171 for CVE-2022-34918",
          "url": "https://bugzilla.suse.com/1201171"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201177 for CVE-2022-34918",
          "url": "https://bugzilla.suse.com/1201177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201222 for CVE-2022-34918",
          "url": "https://bugzilla.suse.com/1201222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.7.1.noarch",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.7.1.x86_64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.aarch64",
            "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-08-01T08:42:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-34918"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt"
      }
    ],
    "title": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1",
    "tracking": {
      "current_release_date": "2024-04-09T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-794697",
      "initial_release_date": "2023-06-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-06-13T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2023-07-11T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233"
        },
        {
          "date": "2023-08-08T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609"
        },
        {
          "date": "2023-09-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-3338"
        },
        {
          "date": "2023-11-14T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755"
        },
        {
          "date": "2023-12-12T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871"
        },
        {
          "date": "2024-01-09T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062"
        },
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
        }
      ],
      "status": "interim",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.1",
                "product": {
                  "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2021-3759",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3759"
    },
    {
      "cve": "CVE-2021-4037",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-4037"
    },
    {
      "cve": "CVE-2021-33655",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-33655"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0171",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-0171"
    },
    {
      "cve": "CVE-2022-1012",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1012"
    },
    {
      "cve": "CVE-2022-1015",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1015"
    },
    {
      "cve": "CVE-2022-1184",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u2019s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1184"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1462",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1462"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-1679",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1679"
    },
    {
      "cve": "CVE-2022-1852",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1852"
    },
    {
      "cve": "CVE-2022-1882",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1882"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2078",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the Linux kernel\u0027s nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2078"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2153",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2153"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2327",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2327"
    },
    {
      "cve": "CVE-2022-2503",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2503"
    },
    {
      "cve": "CVE-2022-2586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2586"
    },
    {
      "cve": "CVE-2022-2588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2602",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2602"
    },
    {
      "cve": "CVE-2022-2663",
      "cwe": {
        "id": "CWE-923",
        "name": "Improper Restriction of Communication Channel to Intended Endpoints"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2663"
    },
    {
      "cve": "CVE-2022-2905",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2905"
    },
    {
      "cve": "CVE-2022-2959",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2959"
    },
    {
      "cve": "CVE-2022-2978",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2978"
    },
    {
      "cve": "CVE-2022-3028",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3104",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3104"
    },
    {
      "cve": "CVE-2022-3115",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3115"
    },
    {
      "cve": "CVE-2022-3169",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3169"
    },
    {
      "cve": "CVE-2022-3303",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3303"
    },
    {
      "cve": "CVE-2022-3521",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3521"
    },
    {
      "cve": "CVE-2022-3524",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3524"
    },
    {
      "cve": "CVE-2022-3534",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3534"
    },
    {
      "cve": "CVE-2022-3545",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3545"
    },
    {
      "cve": "CVE-2022-3564",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3564"
    },
    {
      "cve": "CVE-2022-3565",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3565"
    },
    {
      "cve": "CVE-2022-3586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-3594",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3594"
    },
    {
      "cve": "CVE-2022-3606",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3606"
    },
    {
      "cve": "CVE-2022-3621",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3621"
    },
    {
      "cve": "CVE-2022-3625",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3625"
    },
    {
      "cve": "CVE-2022-3628",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3628"
    },
    {
      "cve": "CVE-2022-3629",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3629"
    },
    {
      "cve": "CVE-2022-3633",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3633"
    },
    {
      "cve": "CVE-2022-3635",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3635"
    },
    {
      "cve": "CVE-2022-3646",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3646"
    },
    {
      "cve": "CVE-2022-3649",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3649"
    },
    {
      "cve": "CVE-2022-4095",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4095"
    },
    {
      "cve": "CVE-2022-4129",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4129"
    },
    {
      "cve": "CVE-2022-4139",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect TLB flush issue was found in the Linux kernel\u2019s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4139"
    },
    {
      "cve": "CVE-2022-4269",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4269"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-4662",
      "cwe": {
        "id": "CWE-455",
        "name": "Non-exit on Failed Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-20421",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20421"
    },
    {
      "cve": "CVE-2022-20422",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20422"
    },
    {
      "cve": "CVE-2022-20566",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20566"
    },
    {
      "cve": "CVE-2022-20572",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20572"
    },
    {
      "cve": "CVE-2022-21123",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21123"
    },
    {
      "cve": "CVE-2022-21125",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21125"
    },
    {
      "cve": "CVE-2022-21166",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21166"
    },
    {
      "cve": "CVE-2022-21505",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21505"
    },
    {
      "cve": "CVE-2022-26373",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-26373"
    },
    {
      "cve": "CVE-2022-32250",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-32250"
    },
    {
      "cve": "CVE-2022-32296",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-32296"
    },
    {
      "cve": "CVE-2022-34918",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-34918"
    },
    {
      "cve": "CVE-2022-36123",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36123"
    },
    {
      "cve": "CVE-2022-36280",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36280"
    },
    {
      "cve": "CVE-2022-36879",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36879"
    },
    {
      "cve": "CVE-2022-36946",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb-\u003elen.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36946"
    },
    {
      "cve": "CVE-2022-39188",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39190",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39190"
    },
    {
      "cve": "CVE-2022-40307",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-40768",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-40768"
    },
    {
      "cve": "CVE-2022-41218",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41218"
    },
    {
      "cve": "CVE-2022-41222",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41222"
    },
    {
      "cve": "CVE-2022-41674",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41674"
    },
    {
      "cve": "CVE-2022-41849",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41849"
    },
    {
      "cve": "CVE-2022-41850",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report-\u003evalue is in progress.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41850"
    },
    {
      "cve": "CVE-2022-42328",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42328"
    },
    {
      "cve": "CVE-2022-42329",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42329"
    },
    {
      "cve": "CVE-2022-42432",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42432"
    },
    {
      "cve": "CVE-2022-42703",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2022-42719",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42719"
    },
    {
      "cve": "CVE-2022-42720",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42720"
    },
    {
      "cve": "CVE-2022-42721",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42721"
    },
    {
      "cve": "CVE-2022-42722",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42722"
    },
    {
      "cve": "CVE-2022-42895",
      "cwe": {
        "id": "CWE-824",
        "name": "Access of Uninitialized Pointer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is an infoleak vulnerability in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42895"
    },
    {
      "cve": "CVE-2022-42896",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There are use-after-free vulnerabilities in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42896"
    },
    {
      "cve": "CVE-2022-43750",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-43750"
    },
    {
      "cve": "CVE-2022-47518",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47518"
    },
    {
      "cve": "CVE-2022-47520",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47520"
    },
    {
      "cve": "CVE-2022-47929",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47929"
    },
    {
      "cve": "CVE-2022-47946",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47946"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0590",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0590"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1095",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1095"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2898",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-2898"
    },
    {
      "cve": "CVE-2023-3141",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3141"
    },
    {
      "cve": "CVE-2023-3268",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3268"
    },
    {
      "cve": "CVE-2023-3338",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference flaw was found in the Linux kernel\u0027s DECnet networking protocol. This issue could allow a remote user to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3338"
    },
    {
      "cve": "CVE-2023-3389",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59`  \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and   \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3389"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3610",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3610"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3773",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3773"
    },
    {
      "cve": "CVE-2023-3777",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3777"
    },
    {
      "cve": "CVE-2023-4004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4015"
    },
    {
      "cve": "CVE-2023-4273",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4273"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5178",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5178"
    },
    {
      "cve": "CVE-2023-5197",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5197"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-6606",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6606"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-7008",
      "cwe": {
        "id": "CWE-300",
        "name": "Channel Accessible by Non-Endpoint"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-7008"
    },
    {
      "cve": "CVE-2023-7104",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-7104"
    },
    {
      "cve": "CVE-2023-23454",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-23454"
    },
    {
      "cve": "CVE-2023-23455",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-23455"
    },
    {
      "cve": "CVE-2023-23559",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-23559"
    },
    {
      "cve": "CVE-2023-26607",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-26607"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-31436",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-31436"
    },
    {
      "cve": "CVE-2023-32233",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-32233"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35827",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-35827"
    },
    {
      "cve": "CVE-2023-36660",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-36660"
    },
    {
      "cve": "CVE-2023-37453",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-37453"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-42753",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-42753"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-50495",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-50495"
    },
    {
      "cve": "CVE-2023-51384",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-51384"
    },
    {
      "cve": "CVE-2023-51385",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-51385"
    },
    {
      "cve": "CVE-2023-51767",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-51767"
    },
    {
      "cve": "CVE-2024-0232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0232"
    },
    {
      "cve": "CVE-2024-0553",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0553"
    },
    {
      "cve": "CVE-2024-0567",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0567"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-0684",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0684"
    },
    {
      "cve": "CVE-2024-22365",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-22365"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version  \u003e= V3.1.0 and \u003c V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nThese GNU/Linux vulnerabilities have been externally identified. \nSiemens has released new versions for the affected products and recommends to update to the latest versions.\n\nNote: This SSA advises vulnerabilities for firmware version V3.1 only; for versions \u003c V3.1 refer to Siemens Security Bulletin SSB-439005 (\nhttps://cert-portal.siemens.com/productcert/html/ssb-439005.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
      },
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json"
      }
    ],
    "title": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5",
    "tracking": {
      "current_release_date": "2025-08-12T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-398330",
      "initial_release_date": "2023-12-12T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-12-12T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-01-09T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2021-44879, CVE-2023-46218, CVE-2023-46219, and CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-45898, CVE-2023-46862, CVE-2023-6121, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0584"
        },
        {
          "date": "2024-03-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-52425, CVE-2023-52426, CVE-2023-45918"
        },
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2024-28757"
        },
        {
          "date": "2024-05-14T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-2511, CVE-2024-28085, CVE-2024-28182, CVE-2024-28834, CVE-2024-28835"
        },
        {
          "date": "2024-06-11T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34459"
        },
        {
          "date": "2024-07-09T00:00:00Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2024-5535, CVE-2024-5742"
        },
        {
          "date": "2024-08-13T00:00:00Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added CVE-2017-15422, CVE-2024-7264, CVE-2024-37370, CVE-2024-37371"
        },
        {
          "date": "2024-10-08T00:00:00Z",
          "legacy_version": "1.9",
          "number": "10",
          "summary": "Added CVE-2024-6409, CVE-2024-8096, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492"
        },
        {
          "date": "2024-11-12T00:00:00Z",
          "legacy_version": "2.0",
          "number": "11",
          "summary": "Added CVE-2024-2236, CVE-2024-9143"
        },
        {
          "date": "2024-12-10T00:00:00Z",
          "legacy_version": "2.1",
          "number": "12",
          "summary": "Added CVE-2024-50602, CVE-2024-52533"
        },
        {
          "date": "2025-01-14T00:00:00Z",
          "legacy_version": "2.2",
          "number": "13",
          "summary": "Added CVE-2024-11053"
        },
        {
          "date": "2025-02-11T00:00:00Z",
          "legacy_version": "2.3",
          "number": "14",
          "summary": "Added multiple CVEs"
        },
        {
          "date": "2025-03-11T00:00:00Z",
          "legacy_version": "2.4",
          "number": "15",
          "summary": "Added CVE-2023-52622, CVE-2024-12133, -12243, -26645, -26671, -26679, -26772, -26773, -26777, -26805, -26923, -27020, -27032, -36017, -36484, -36904, -36905, -36934, -39487, -41046, -42106, -42131, -42154, -43871, -44944, -44965, -46743, -46745, -46750, -47684, -47701, -47737, -49881, -49884, -49948, -49949, -49952, -49997, -50006, -50040, -50045, -50251, -50262, -50299, -50301, -53057, -53140, -53165, -53217, CVE-2025-0167, -0395, -0665, -0725, -26465, -26466"
        },
        {
          "date": "2025-04-08T00:00:00Z",
          "legacy_version": "2.5",
          "number": "16",
          "summary": "Added CVE-2025-21694, CVE-2025-1390, CVE-2024-8176, CVE-2024-57901, CVE-2024-57884, CVE-2024-56780, CVE-2024-56779, CVE-2024-56770, CVE-2024-56650, CVE-2024-56644, CVE-2024-56606, CVE-2024-56601, CVE-2024-56600, CVE-2024-56570, CVE-2024-56569, CVE-2024-53164, CVE-2024-53124, CVE-2024-52332, CVE-2024-48881, CVE-2024-47707, CVE-2024-12243"
        },
        {
          "date": "2025-06-10T00:00:00Z",
          "legacy_version": "2.6",
          "number": "17",
          "summary": "Added fix for SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP incl. SIPLUS variants"
        },
        {
          "date": "2025-08-12T00:00:00Z",
          "legacy_version": "2.7",
          "number": "18",
          "summary": "Removed CVE-2021-41617, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-4527, CVE-2023-46218, CVE-2023-46219, CVE-2023-4806, CVE-2023-48795, CVE-2023-4911, CVE-2024-12133, CVE-2024-12243, CVE-2024-28085, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2025-26465, CVE-2025-46836 as they are not fixed in V3.1.5 and advised in SSA-082556"
        }
      ],
      "status": "interim",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)",
                  "product_id": "1",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)",
                  "product_id": "2",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)",
                  "product_id": "3",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)",
                  "product_id": "4",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)",
                  "product_id": "5",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6AG1518-4AX00-4AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-0340",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.  NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2013-0340"
    },
    {
      "cve": "CVE-2013-4235",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2013-4235"
    },
    {
      "cve": "CVE-2014-7209",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2014-7209"
    },
    {
      "cve": "CVE-2015-20107",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2015-20107"
    },
    {
      "cve": "CVE-2016-3189",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-3189"
    },
    {
      "cve": "CVE-2016-3709",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Possible cross-site scripting vulnerability in libxml after commit 960f0e2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-3709"
    },
    {
      "cve": "CVE-2016-4658",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-4658"
    },
    {
      "cve": "CVE-2016-5131",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-5131"
    },
    {
      "cve": "CVE-2016-9318",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-9318"
    },
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2016-10739",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-10739"
    },
    {
      "cve": "CVE-2017-0663",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-0663"
    },
    {
      "cve": "CVE-2017-7375",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-7375"
    },
    {
      "cve": "CVE-2017-7376",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-7376"
    },
    {
      "cve": "CVE-2017-9047",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. The variable len is assigned strlen(buf). If the content-\u003etype is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content-\u003eprefix is appended to buf (if it actually fits) whereupon (ii) content-\u003ename is written to the buffer. However, the check for whether the content-\u003ename actually fits also uses \u0027len\u0027 rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9047"
    },
    {
      "cve": "CVE-2017-9048",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9048"
    },
    {
      "cve": "CVE-2017-9049",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9049"
    },
    {
      "cve": "CVE-2017-9050",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9050"
    },
    {
      "cve": "CVE-2017-15422",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-15422"
    },
    {
      "cve": "CVE-2017-16931",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a \u0027%\u0027 character in a DTD name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-16931"
    },
    {
      "cve": "CVE-2017-16932",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-16932"
    },
    {
      "cve": "CVE-2017-17512",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-17512"
    },
    {
      "cve": "CVE-2017-18258",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-18258"
    },
    {
      "cve": "CVE-2018-0495",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-0495"
    },
    {
      "cve": "CVE-2018-12886",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-12886"
    },
    {
      "cve": "CVE-2018-14404",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-14567",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-14567"
    },
    {
      "cve": "CVE-2018-18928",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-18928"
    },
    {
      "cve": "CVE-2018-19591",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-19591"
    },
    {
      "cve": "CVE-2018-20482",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user\u0027s process (e.g., a system backup running as root).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-20482"
    },
    {
      "cve": "CVE-2018-20843",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-20843"
    },
    {
      "cve": "CVE-2018-25032",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2019-3855",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3855"
    },
    {
      "cve": "CVE-2019-3856",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3856"
    },
    {
      "cve": "CVE-2019-3857",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3857"
    },
    {
      "cve": "CVE-2019-3858",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3858"
    },
    {
      "cve": "CVE-2019-3859",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3859"
    },
    {
      "cve": "CVE-2019-3860",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3860"
    },
    {
      "cve": "CVE-2019-3861",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3861"
    },
    {
      "cve": "CVE-2019-3862",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3862"
    },
    {
      "cve": "CVE-2019-3863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3863"
    },
    {
      "cve": "CVE-2019-5018",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5018"
    },
    {
      "cve": "CVE-2019-5094",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5094"
    },
    {
      "cve": "CVE-2019-5188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5188"
    },
    {
      "cve": "CVE-2019-5435",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5435"
    },
    {
      "cve": "CVE-2019-5436",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5436"
    },
    {
      "cve": "CVE-2019-5443",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl \u003c= 7.65.1 automatically run the code (as an openssl \"engine\") on invocation. If that curl is invoked by a privileged user it can do anything it wants.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5443"
    },
    {
      "cve": "CVE-2019-5481",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5481"
    },
    {
      "cve": "CVE-2019-5482",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5482"
    },
    {
      "cve": "CVE-2019-6109",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6109"
    },
    {
      "cve": "CVE-2019-6110",
      "cwe": {
        "id": "CWE-838",
        "name": "Inappropriate Encoding for Output Context"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6110"
    },
    {
      "cve": "CVE-2019-6111",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6111"
    },
    {
      "cve": "CVE-2019-6488",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6488"
    },
    {
      "cve": "CVE-2019-7309",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-7309"
    },
    {
      "cve": "CVE-2019-8457",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-8457"
    },
    {
      "cve": "CVE-2019-9169",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9169"
    },
    {
      "cve": "CVE-2019-9636",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9636"
    },
    {
      "cve": "CVE-2019-9674",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9674"
    },
    {
      "cve": "CVE-2019-9740",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9740"
    },
    {
      "cve": "CVE-2019-9923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9923"
    },
    {
      "cve": "CVE-2019-9936",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9936"
    },
    {
      "cve": "CVE-2019-9937",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9937"
    },
    {
      "cve": "CVE-2019-9947",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9947"
    },
    {
      "cve": "CVE-2019-9948",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(\u0027local_file:///etc/passwd\u0027) call.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9948"
    },
    {
      "cve": "CVE-2019-10160",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-10160"
    },
    {
      "cve": "CVE-2019-11360",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-11360"
    },
    {
      "cve": "CVE-2019-12290",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-12290"
    },
    {
      "cve": "CVE-2019-12900",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-12900"
    },
    {
      "cve": "CVE-2019-12904",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor\u0027s position is that the issue report cannot be validated because there is no description of an attack",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-12904"
    },
    {
      "cve": "CVE-2019-13057",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-13057"
    },
    {
      "cve": "CVE-2019-13565",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-13565"
    },
    {
      "cve": "CVE-2019-13627",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-13627"
    },
    {
      "cve": "CVE-2019-15847",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-15847"
    },
    {
      "cve": "CVE-2019-15903",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2019-16056",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-16056"
    },
    {
      "cve": "CVE-2019-16168",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-16168"
    },
    {
      "cve": "CVE-2019-16905",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-16905"
    },
    {
      "cve": "CVE-2019-17498",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17498"
    },
    {
      "cve": "CVE-2019-17543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17543"
    },
    {
      "cve": "CVE-2019-17594",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17594"
    },
    {
      "cve": "CVE-2019-17595",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17595"
    },
    {
      "cve": "CVE-2019-18224",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-18224"
    },
    {
      "cve": "CVE-2019-18276",
      "cwe": {
        "id": "CWE-273",
        "name": "Improper Check for Dropped Privileges"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-18276"
    },
    {
      "cve": "CVE-2019-18348",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-18348"
    },
    {
      "cve": "CVE-2019-19126",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19126"
    },
    {
      "cve": "CVE-2019-19242",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19242"
    },
    {
      "cve": "CVE-2019-19244",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19244"
    },
    {
      "cve": "CVE-2019-19317",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19317"
    },
    {
      "cve": "CVE-2019-19603",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19603"
    },
    {
      "cve": "CVE-2019-19645",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19645"
    },
    {
      "cve": "CVE-2019-19646",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19646"
    },
    {
      "cve": "CVE-2019-19880",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19880"
    },
    {
      "cve": "CVE-2019-19906",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19906"
    },
    {
      "cve": "CVE-2019-19923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19923"
    },
    {
      "cve": "CVE-2019-19924",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19924"
    },
    {
      "cve": "CVE-2019-19925",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19925"
    },
    {
      "cve": "CVE-2019-19926",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19926"
    },
    {
      "cve": "CVE-2019-19956",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19956"
    },
    {
      "cve": "CVE-2019-19959",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19959"
    },
    {
      "cve": "CVE-2019-20218",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20218"
    },
    {
      "cve": "CVE-2019-20367",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20367"
    },
    {
      "cve": "CVE-2019-20388",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20388"
    },
    {
      "cve": "CVE-2019-20795",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20795"
    },
    {
      "cve": "CVE-2019-20907",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20907"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2019-1010022",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010022"
    },
    {
      "cve": "CVE-2019-1010023",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010023"
    },
    {
      "cve": "CVE-2019-1010024",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010024"
    },
    {
      "cve": "CVE-2019-1010025",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010025"
    },
    {
      "cve": "CVE-2019-1010180",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010180"
    },
    {
      "cve": "CVE-2020-1712",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-1712"
    },
    {
      "cve": "CVE-2020-1751",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-1751"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-6096",
      "cwe": {
        "id": "CWE-195",
        "name": "Signed to Unsigned Conversion Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \u0027num\u0027 parameter results in a signed comparison vulnerability. If an attacker underflows the \u0027num\u0027 parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-6096"
    },
    {
      "cve": "CVE-2020-7595",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-7595"
    },
    {
      "cve": "CVE-2020-8169",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.62.0 to and including  7.70.0 are vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8169"
    },
    {
      "cve": "CVE-2020-8177",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8177"
    },
    {
      "cve": "CVE-2020-8231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8231"
    },
    {
      "cve": "CVE-2020-8284",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8284"
    },
    {
      "cve": "CVE-2020-8285",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8285"
    },
    {
      "cve": "CVE-2020-8286",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.41.0 to and including  7.73.0 are vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. This vulnerability could allow an attacker to pass a revoked certificate as valid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8286"
    },
    {
      "cve": "CVE-2020-8315",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker\u0027s copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system\u0027s copy. Windows 8 and later are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8315"
    },
    {
      "cve": "CVE-2020-8492",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8492"
    },
    {
      "cve": "CVE-2020-9327",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-9327"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-10531",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10531"
    },
    {
      "cve": "CVE-2020-10543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10543"
    },
    {
      "cve": "CVE-2020-10735",
      "cwe": {
        "id": "CWE-704",
        "name": "Incorrect Type Conversion or Cast"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10735"
    },
    {
      "cve": "CVE-2020-10878",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10878"
    },
    {
      "cve": "CVE-2020-11501",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 \u0027\\0\u0027 bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-11501"
    },
    {
      "cve": "CVE-2020-11655",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object\u0027s initialization is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-11655"
    },
    {
      "cve": "CVE-2020-11656",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-11656"
    },
    {
      "cve": "CVE-2020-12062",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\u0027s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that \"this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol\" and \"utimes does not fail under normal circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12062"
    },
    {
      "cve": "CVE-2020-12243",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running (for details refer to the updated security manual of WinCC OA).",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12243"
    },
    {
      "cve": "CVE-2020-12723",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12723"
    },
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2020-13434",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13434"
    },
    {
      "cve": "CVE-2020-13435",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13435"
    },
    {
      "cve": "CVE-2020-13529",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13529"
    },
    {
      "cve": "CVE-2020-13630",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13630"
    },
    {
      "cve": "CVE-2020-13631",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13631"
    },
    {
      "cve": "CVE-2020-13632",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13632"
    },
    {
      "cve": "CVE-2020-13776",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13776"
    },
    {
      "cve": "CVE-2020-13777",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13777"
    },
    {
      "cve": "CVE-2020-13871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13871"
    },
    {
      "cve": "CVE-2020-14145",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-14145"
    },
    {
      "cve": "CVE-2020-14422",
      "cwe": {
        "id": "CWE-682",
        "name": "Incorrect Calculation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-14422"
    },
    {
      "cve": "CVE-2020-15358",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15358"
    },
    {
      "cve": "CVE-2020-15523",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15523"
    },
    {
      "cve": "CVE-2020-15778",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of \"anomalous argument transfers\" because that could \"stand a great chance of breaking existing workflows.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15778"
    },
    {
      "cve": "CVE-2020-15801",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The \u003cexecutable-name\u003e._pth file (e.g., the python._pth file) is not affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15801"
    },
    {
      "cve": "CVE-2020-19185",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19185"
    },
    {
      "cve": "CVE-2020-19186",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19186"
    },
    {
      "cve": "CVE-2020-19187",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19187"
    },
    {
      "cve": "CVE-2020-19188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19188"
    },
    {
      "cve": "CVE-2020-19189",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19189"
    },
    {
      "cve": "CVE-2020-19190",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19190"
    },
    {
      "cve": "CVE-2020-19909",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19909"
    },
    {
      "cve": "CVE-2020-21047",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-21047"
    },
    {
      "cve": "CVE-2020-21913",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-21913"
    },
    {
      "cve": "CVE-2020-22218",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-22218"
    },
    {
      "cve": "CVE-2020-24659",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application\u0027s error handling path, where the gnutls_deinit function is called after detecting a handshake failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-24659"
    },
    {
      "cve": "CVE-2020-24977",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-24977"
    },
    {
      "cve": "CVE-2020-25692",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-25692"
    },
    {
      "cve": "CVE-2020-25709",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP\u2019s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-25709"
    },
    {
      "cve": "CVE-2020-25710",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-25710"
    },
    {
      "cve": "CVE-2020-26116",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-26116"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-28196",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-28196"
    },
    {
      "cve": "CVE-2020-29361",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29361"
    },
    {
      "cve": "CVE-2020-29362",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29362"
    },
    {
      "cve": "CVE-2020-29363",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29363"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2020-29573",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29573"
    },
    {
      "cve": "CVE-2020-35525",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-35525"
    },
    {
      "cve": "CVE-2020-35527",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-35527"
    },
    {
      "cve": "CVE-2020-36221",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36221"
    },
    {
      "cve": "CVE-2020-36222",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36222"
    },
    {
      "cve": "CVE-2020-36223",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36223"
    },
    {
      "cve": "CVE-2020-36224",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36224"
    },
    {
      "cve": "CVE-2020-36225",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36225"
    },
    {
      "cve": "CVE-2020-36226",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36226"
    },
    {
      "cve": "CVE-2020-36227",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36227"
    },
    {
      "cve": "CVE-2020-36228",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36228"
    },
    {
      "cve": "CVE-2020-36229",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36229"
    },
    {
      "cve": "CVE-2020-36230",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36230"
    },
    {
      "cve": "CVE-2021-3177",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3177"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3426",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in Python 3\u0027s pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3426"
    },
    {
      "cve": "CVE-2021-3516",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2\u0027s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3516"
    },
    {
      "cve": "CVE-2021-3517",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3517"
    },
    {
      "cve": "CVE-2021-3518",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3518"
    },
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3520"
    },
    {
      "cve": "CVE-2021-3537",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3537"
    },
    {
      "cve": "CVE-2021-3541",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3541"
    },
    {
      "cve": "CVE-2021-3580",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the way nettle\u0027s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3580"
    },
    {
      "cve": "CVE-2021-3733",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in urllib\u0027s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3733"
    },
    {
      "cve": "CVE-2021-3737",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3737"
    },
    {
      "cve": "CVE-2021-3826",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3826"
    },
    {
      "cve": "CVE-2021-3997",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3997"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-4122",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-4122"
    },
    {
      "cve": "CVE-2021-4189",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-4189"
    },
    {
      "cve": "CVE-2021-4209",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle\u0027s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-4209"
    },
    {
      "cve": "CVE-2021-20193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20193"
    },
    {
      "cve": "CVE-2021-20227",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in SQLite\u0027s SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20227"
    },
    {
      "cve": "CVE-2021-20231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20231"
    },
    {
      "cve": "CVE-2021-20232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20232"
    },
    {
      "cve": "CVE-2021-20305",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20305"
    },
    {
      "cve": "CVE-2021-22876",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22876"
    },
    {
      "cve": "CVE-2021-22890",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22890"
    },
    {
      "cve": "CVE-2021-22897",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22897"
    },
    {
      "cve": "CVE-2021-22898",
      "cwe": {
        "id": "CWE-909",
        "name": "Missing Initialization of Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "**NOTE: CVE-2021-22898 is an incomplete fix (see https://hackerone.com/reports/1223882)! Check if affected products also have fixed CVE-22925 instead! Do not use CVE-2021-22898 in public advisories!**\r\n\r\ncurl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22898"
    },
    {
      "cve": "CVE-2021-22901",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22901"
    },
    {
      "cve": "CVE-2021-22922",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22922"
    },
    {
      "cve": "CVE-2021-22923",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user\u0027s expectations and intentions and without telling the user it happened.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22923"
    },
    {
      "cve": "CVE-2021-22924",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can set to qualify how to verify the server certificate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22924"
    },
    {
      "cve": "CVE-2021-22925",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server. Therefore potentially revealing sensitive internal information to the server using a clear-text network protocol. This could happen because curl did not call and use sscanf() correctly when parsing the string provided by the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22925"
    },
    {
      "cve": "CVE-2021-22926",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22926"
    },
    {
      "cve": "CVE-2021-22945",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending data to an MQTT server, libcurl \u003c= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22945"
    },
    {
      "cve": "CVE-2021-22946",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22946"
    },
    {
      "cve": "CVE-2021-22947",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003e= 7.20.0 and \u003c= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker\u0027s injected data comes from the TLS-protected server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22947"
    },
    {
      "cve": "CVE-2021-23336",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-23336"
    },
    {
      "cve": "CVE-2021-27212",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27212"
    },
    {
      "cve": "CVE-2021-27218",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27218"
    },
    {
      "cve": "CVE-2021-27219",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27219"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28041",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28041"
    },
    {
      "cve": "CVE-2021-28153",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28153"
    },
    {
      "cve": "CVE-2021-28363",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn\u0027t given via proxy_config) doesn\u0027t verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28363"
    },
    {
      "cve": "CVE-2021-28861",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states \"Warning: http.server is not recommended for production. It only implements basic security checks.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28861"
    },
    {
      "cve": "CVE-2021-31239",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue found in SQLite SQLite3 v.3.35.4 that could allow a remote attacker to cause a denial of service via the appendvfs.c function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-31239"
    },
    {
      "cve": "CVE-2021-32292",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-32292"
    },
    {
      "cve": "CVE-2021-33294",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33294"
    },
    {
      "cve": "CVE-2021-33560",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33560"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-33910",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The use of alloca function with an uncontrolled size in function unit_name_path_escape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33910"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-36084",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36084"
    },
    {
      "cve": "CVE-2021-36085",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36085"
    },
    {
      "cve": "CVE-2021-36086",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36086"
    },
    {
      "cve": "CVE-2021-36087",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36087"
    },
    {
      "cve": "CVE-2021-36222",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36222"
    },
    {
      "cve": "CVE-2021-36690",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36690"
    },
    {
      "cve": "CVE-2021-37600",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-37600"
    },
    {
      "cve": "CVE-2021-37750",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-37750"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-43396",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-43396"
    },
    {
      "cve": "CVE-2021-43618",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-43618"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45960",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-45960"
    },
    {
      "cve": "CVE-2021-46143",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46143"
    },
    {
      "cve": "CVE-2021-46195",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46195"
    },
    {
      "cve": "CVE-2021-46828",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46828"
    },
    {
      "cve": "CVE-2021-46848",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46848"
    },
    {
      "cve": "CVE-2022-0391",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like \u0027\\r\u0027 and \u0027\\n\u0027 in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-0391"
    },
    {
      "cve": "CVE-2022-0563",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-0563"
    },
    {
      "cve": "CVE-2022-0778",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The BN_mod_sqrt() function in openSSL, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-1271",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An arbitrary file write vulnerability was found in GNU gzip\u0027s zgrep utility. When zgrep is applied on the attacker\u0027s chosen file name (for example, a crafted file name), this can overwrite an attacker\u0027s content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1304",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1304"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2509",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2509"
    },
    {
      "cve": "CVE-2022-3715",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-3715"
    },
    {
      "cve": "CVE-2022-3821",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-3821"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable the use of RSA ciphers in the web server configuration; note that RSA ciphers are disabled by default",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not import or configure certificate files in PEM format from untrusted sources",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-22576",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-22822",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22822"
    },
    {
      "cve": "CVE-2022-22823",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22823"
    },
    {
      "cve": "CVE-2022-22824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22824"
    },
    {
      "cve": "CVE-2022-22825",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22825"
    },
    {
      "cve": "CVE-2022-22826",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22826"
    },
    {
      "cve": "CVE-2022-22827",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22827"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-23308",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23308"
    },
    {
      "cve": "CVE-2022-23852",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23852"
    },
    {
      "cve": "CVE-2022-23990",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23990"
    },
    {
      "cve": "CVE-2022-24407",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-24407"
    },
    {
      "cve": "CVE-2022-25235",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25235"
    },
    {
      "cve": "CVE-2022-25236",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2022-25313",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25313"
    },
    {
      "cve": "CVE-2022-25314",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25314"
    },
    {
      "cve": "CVE-2022-25315",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25315"
    },
    {
      "cve": "CVE-2022-26488",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-26488"
    },
    {
      "cve": "CVE-2022-27774",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27775",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27775"
    },
    {
      "cve": "CVE-2022-27776",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27778",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27778"
    },
    {
      "cve": "CVE-2022-27779",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27779"
    },
    {
      "cve": "CVE-2022-27780",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27780"
    },
    {
      "cve": "CVE-2022-27781",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-27943",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27943"
    },
    {
      "cve": "CVE-2022-28321",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn\u0027t correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-28321"
    },
    {
      "cve": "CVE-2022-29155",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-29155"
    },
    {
      "cve": "CVE-2022-29824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-29824"
    },
    {
      "cve": "CVE-2022-30115",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-30115"
    },
    {
      "cve": "CVE-2022-32205",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32205"
    },
    {
      "cve": "CVE-2022-32206",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32207",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32207"
    },
    {
      "cve": "CVE-2022-32208",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-35252",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-35260",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-35260"
    },
    {
      "cve": "CVE-2022-35737",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-35737"
    },
    {
      "cve": "CVE-2022-37434",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-40303",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-40303"
    },
    {
      "cve": "CVE-2022-40304",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-40304"
    },
    {
      "cve": "CVE-2022-40674",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-40674"
    },
    {
      "cve": "CVE-2022-42898",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-42898"
    },
    {
      "cve": "CVE-2022-42915",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-42915"
    },
    {
      "cve": "CVE-2022-42916",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-42916"
    },
    {
      "cve": "CVE-2022-43551",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in curl \u003c7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop U+002E (.). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-43551"
    },
    {
      "cve": "CVE-2022-43552",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-43680",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-43680"
    },
    {
      "cve": "CVE-2022-45061",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-45061"
    },
    {
      "cve": "CVE-2022-45873",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-45873"
    },
    {
      "cve": "CVE-2022-46908",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-46908"
    },
    {
      "cve": "CVE-2022-48303",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-48303"
    },
    {
      "cve": "CVE-2022-48522",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-48522"
    },
    {
      "cve": "CVE-2022-48560",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free exists in Python through 3.9 via heappushpop in heapq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-48560"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable CRL (certification revocation list) checking, if possible",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0361",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0361"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\r\nimplicitly enable the certificate policy check when doing certificate\r\nverification. However the implementation of the function does not\r\nenable the check which allows certificates with invalid or incorrect\r\npolicies to pass the certificate verification.\r\n\r\nAs suddenly enabling the policy check could break existing deployments it was\r\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\r\nfunction.\r\n\r\nInstead the applications that require OpenSSL to perform certificate\r\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\r\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\r\nthe X509_V_FLAG_POLICY_CHECK flag argument.\r\n\r\nCertificate policy checks are disabled by default in OpenSSL and are not\r\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0687",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It\u0027s basically trusted input or input that needs an actual security flaw to be compromised or controlled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0687"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2650",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-2650"
    },
    {
      "cve": "CVE-2023-2953",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3212",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3212"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3817",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3817"
    },
    {
      "cve": "CVE-2023-4016",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under some circumstances, this weakness allows a user who has access to run the \u201cps\u201d utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4016"
    },
    {
      "cve": "CVE-2023-4039",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4039"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4807",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4807"
    },
    {
      "cve": "CVE-2023-4813",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4813"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-5981",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5981"
    },
    {
      "cve": "CVE-2023-6121",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6817",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6817"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-23914",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-23914"
    },
    {
      "cve": "CVE-2023-23915",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-23915"
    },
    {
      "cve": "CVE-2023-23916",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-23916"
    },
    {
      "cve": "CVE-2023-24329",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-24329"
    },
    {
      "cve": "CVE-2023-25136",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states \"remote code execution is theoretically possible.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-25136"
    },
    {
      "cve": "CVE-2023-25139",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-25139"
    },
    {
      "cve": "CVE-2023-26604",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-26604"
    },
    {
      "cve": "CVE-2023-27371",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more \u0027\\0\u0027 bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27371"
    },
    {
      "cve": "CVE-2023-27533",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27537",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27537"
    },
    {
      "cve": "CVE-2023-27538",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-28484",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-28484"
    },
    {
      "cve": "CVE-2023-29383",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29383"
    },
    {
      "cve": "CVE-2023-29469",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the \u0027\\0\u0027 value).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29469"
    },
    {
      "cve": "CVE-2023-29491",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29491"
    },
    {
      "cve": "CVE-2023-29499",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29499"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-32611",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32611"
    },
    {
      "cve": "CVE-2023-32636",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32636"
    },
    {
      "cve": "CVE-2023-32643",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32643"
    },
    {
      "cve": "CVE-2023-32665",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running. Note that this is the default configuration, which therefore limits the exploitability to local attacks only.",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32665"
    },
    {
      "cve": "CVE-2023-34319",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The fix for XSA-423 added logic to Linux\u0027es netback driver to deal with\na frontend splitting a packet in a way such that not all of the headers\nwould come in one piece.  Unfortunately the logic introduced there\ndidn\u0027t account for the extreme case of the entire packet being split\ninto as many pieces as permitted by the protocol, yet still being\nsmaller than the area that\u0027s specially dealt with to keep all (possible)\nheaders together.  Such an unusual packet would therefore trigger a\nbuffer overrun in the driver.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-34319"
    },
    {
      "cve": "CVE-2023-34969",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-34969"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35945",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u2019s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-35945"
    },
    {
      "cve": "CVE-2023-38408",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-39128",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39128"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-39615",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39615"
    },
    {
      "cve": "CVE-2023-40283",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-40283"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45322",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor\u0027s position is \"I don\u0027t think these issues are critical enough to warrant a CVE ID ... because an attacker typically can\u0027t control when memory allocations fail.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45322"
    },
    {
      "cve": "CVE-2023-45853",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45853"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-45898",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45898"
    },
    {
      "cve": "CVE-2023-45918",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45918"
    },
    {
      "cve": "CVE-2023-46862",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-46862"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2023-52444",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() ... if (old_dir != new_dir \u0026\u0026 !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0); You want correct inumber in the \"..\" link. And cross-directory rename does move the source to new parent, even if you\u0027d been asked to leave a whiteout in the old place. [1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ With below testcase, it may cause dirent corruption, due to it missed to call f2fs_set_link() to update \"..\" link to new directory. - mkdir -p dir/foo - renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) --\u003e Bad inode number[0x4] for \u0027..\u0027, parent parent ino is [0x3] [FSCK] other corrupted bugs [Fail]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52444"
    },
    {
      "cve": "CVE-2023-52464",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function \u0027thunderx_ocx_com_threaded_isr\u0027: drivers/edac/thunderx_edac.c:1136:17: error: \u0027strncat\u0027 specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52464"
    },
    {
      "cve": "CVE-2023-52612",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req-\u003edst buffer overflow The req-\u003edst buffer size should be checked before copying from the scomp_scratch-\u003edst to avoid req-\u003edst buffer overflow problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52612"
    },
    {
      "cve": "CVE-2023-52622",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52622"
    },
    {
      "cve": "CVE-2023-52675",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52675"
    },
    {
      "cve": "CVE-2023-52699",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sysv: don\u0027t call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A \"write_lock(\u0026pointers_lock) =\u003e read_lock(\u0026pointers_lock) deadlock\" bug and a \"sb_bread() with write_lock(\u0026pointers_lock)\" bug were introduced by \"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12. Then, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the former bug by moving pointers_lock lock to the callers, but instead introduced a \"sb_bread() with read_lock(\u0026pointers_lock)\" bug (which made this problem easier to hit). Al Viro suggested that why not to do like get_branch()/get_block()/ find_shared() in Minix filesystem does. And doing like that is almost a revert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch() from with find_shared() is called without write_lock(\u0026pointers_lock).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52699"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-2004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled.      curl --proto -all,-http http://curl.se  The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2004"
    },
    {
      "cve": "CVE-2024-2236",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2236"
    },
    {
      "cve": "CVE-2024-2379",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2379"
    },
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory.  Further, this error condition fails silently and is therefore not easily detected by an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-2466",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS.  libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2466"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-5742",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-5742"
    },
    {
      "cve": "CVE-2024-6409",
      "cwe": {
        "id": "CWE-364",
        "name": "Signal Handler Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition vulnerability was discovered in how signals are handled by OpenSSH\u0027s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd\u0027s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-6409"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-8096",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than \u0027revoked\u0027 (like for example \u0027unauthorized\u0027) it is not treated as a bad certficate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-8096"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-26645",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26645"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26671"
    },
    {
      "cve": "CVE-2024-26679",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26679"
    },
    {
      "cve": "CVE-2024-26772",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26772"
    },
    {
      "cve": "CVE-2024-26773",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26773"
    },
    {
      "cve": "CVE-2024-26777",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26777"
    },
    {
      "cve": "CVE-2024-26805",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26805"
    },
    {
      "cve": "CVE-2024-26835",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26835"
    },
    {
      "cve": "CVE-2024-26863",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26863"
    },
    {
      "cve": "CVE-2024-26878",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26878"
    },
    {
      "cve": "CVE-2024-26880",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26880"
    },
    {
      "cve": "CVE-2024-26898",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26898"
    },
    {
      "cve": "CVE-2024-26901",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26901"
    },
    {
      "cve": "CVE-2024-26923",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26923"
    },
    {
      "cve": "CVE-2024-26957",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26957"
    },
    {
      "cve": "CVE-2024-26973",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26973"
    },
    {
      "cve": "CVE-2024-27020",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27020"
    },
    {
      "cve": "CVE-2024-27032",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 and only FAULT_BLOCK fault type is on, it may encounter deadloop in loop of block reservation. Let\u0027s change as below to fix these issues: - remove bug_on() to avoid panic. - limit the loop count of block reservation to avoid potential deadloop.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27032"
    },
    {
      "cve": "CVE-2024-27065",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27065"
    },
    {
      "cve": "CVE-2024-27074",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27074"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync.  This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28757",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-28834",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-28835",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28835"
    },
    {
      "cve": "CVE-2024-33621",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-33621"
    },
    {
      "cve": "CVE-2024-34459",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-34459"
    },
    {
      "cve": "CVE-2024-35807",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35807"
    },
    {
      "cve": "CVE-2024-35809",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35809"
    },
    {
      "cve": "CVE-2024-35830",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35830"
    },
    {
      "cve": "CVE-2024-35888",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb-\u003ehead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35888"
    },
    {
      "cve": "CVE-2024-35910",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test a patch I wrote two years ago. When TCP sockets are closed, we call inet_csk_clear_xmit_timers() to \u0027stop\u0027 the timers. inet_csk_clear_xmit_timers() can be called from any context, including when socket lock is held. This is the reason it uses sk_stop_timer(), aka del_timer(). This means that ongoing timers might finish much later. For user sockets, this is fine because each running timer holds a reference on the socket, and the user socket holds a reference on the netns. For kernel sockets, we risk that the netns is freed before timer can complete, because kernel sockets do not hold reference on the netns. This patch adds inet_csk_clear_xmit_timers_sync() function that using sk_stop_timer_sync() to make sure all timers are terminated before the kernel socket is released. Modules using kernel sockets close them in their netns exit() handler. Also add sock_not_owned_by_me() helper to get LOCKDEP support : inet_csk_clear_xmit_timers_sync() must not be called while socket lock is held. It is very possible we can revert in the future commit 3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\") which attempted to solve the issue in rds only. (net/smc/af_smc.c and net/mptcp/subflow.c have similar code) We probably can remove the check_net() tests from tcp_out_of_resources() and __tcp_close() in the future.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35910"
    },
    {
      "cve": "CVE-2024-35925",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "block: prevent division by zero in blk_rq_stat_sum()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35925"
    },
    {
      "cve": "CVE-2024-35944",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35944"
    },
    {
      "cve": "CVE-2024-36017",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36017"
    },
    {
      "cve": "CVE-2024-36286",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36286"
    },
    {
      "cve": "CVE-2024-36484",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36484"
    },
    {
      "cve": "CVE-2024-36904",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36904"
    },
    {
      "cve": "CVE-2024-36905",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36905"
    },
    {
      "cve": "CVE-2024-36934",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36934"
    },
    {
      "cve": "CVE-2024-37356",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-37356"
    },
    {
      "cve": "CVE-2024-38596",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38596"
    },
    {
      "cve": "CVE-2024-38598",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38598"
    },
    {
      "cve": "CVE-2024-38612",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38612"
    },
    {
      "cve": "CVE-2024-38621",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The -\u003elength is the length of the buffer. The -\u003ebytesused is how many bytes we have copied thus far. When the condition is reversed that means the result of the subtraction is always negative but since it\u0027s unsigned then the result is a very high positive value. That means the overflow check is never true. Additionally, the -\u003ebytesused doesn\u0027t actually work for this purpose because we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the math to calculate the destination where we are writing is a bit involved. You calculate the number of full lines already written, multiply by two, skip a line if necessary so that we start on an odd numbered line, and add the offset into the line. To fix this buffer overflow, just take the actual destination where we are writing, if the offset is already out of bounds print an error and return. Otherwise, write up to buf-\u003elength bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38621"
    },
    {
      "cve": "CVE-2024-38780",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38780"
    },
    {
      "cve": "CVE-2024-39292",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39292"
    },
    {
      "cve": "CVE-2024-39469",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfs_check_folio() fails, it will falsely determine the directory as empty and corrupt the file system. In addition, since nilfs_empty_dir() does not immediately return on a failed folio/page read, but continues to loop, this can cause a long loop with I/O if i_size of the directory\u0027s inode is also corrupted, causing the log writer thread to wait and hang, as reported by syzbot. Fix these issues by making nilfs_empty_dir() immediately return a false value (0) if it fails to get a directory folio/page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39469"
    },
    {
      "cve": "CVE-2024-39487",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39487"
    },
    {
      "cve": "CVE-2024-39489",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39489"
    },
    {
      "cve": "CVE-2024-40901",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-40901"
    },
    {
      "cve": "CVE-2024-40959",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-40959"
    },
    {
      "cve": "CVE-2024-41046",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-41046"
    },
    {
      "cve": "CVE-2024-42070",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42070"
    },
    {
      "cve": "CVE-2024-42096",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42096"
    },
    {
      "cve": "CVE-2024-42106",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42106"
    },
    {
      "cve": "CVE-2024-42131",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. So when converting dirty limits from ratios to numbers of pages, we just don\u0027t allow the result to exceed UINT_MAX. This is root-only triggerable problem which occurs when the operator sets dirty limits to \u003e16 TB.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42131"
    },
    {
      "cve": "CVE-2024-42154",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don\u0027t see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn\u0027t have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42154"
    },
    {
      "cve": "CVE-2024-43871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-43871"
    },
    {
      "cve": "CVE-2024-44944",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-44944"
    },
    {
      "cve": "CVE-2024-44965",
      "cwe": {
        "id": "CWE-229",
        "name": "Improper Handling of Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack guard. It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386. These assumptions can cause the end condition to malfunction, leading to a \u0027short\u0027 clone. Guess what happens when the user mapping has a short copy of the entry text? Use the correct increment form for addr to avoid alignment assumptions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-44965"
    },
    {
      "cve": "CVE-2024-46743",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-46743"
    },
    {
      "cve": "CVE-2024-46745",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request. Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-46745"
    },
    {
      "cve": "CVE-2024-46750",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-46750"
    },
    {
      "cve": "CVE-2024-47684",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: check skb is non-NULL in tcp_rto_delta_us()\r\n\r\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\r\nkernel that are running ceph and recently hit a null ptr dereference in\r\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\r\nsaw it getting hit from the RACK case as well. Here are examples of the oops\r\nmessages we saw in each of those cases:\r\n\r\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\r\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\r\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\r\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\r\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\r\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\r\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\r\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\r\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\r\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\r\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\r\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\r\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\r\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\r\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\r\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\r\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\r\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\r\nJul 26 15:05:02 rx [11061395.919488]\r\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\r\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\r\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\r\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\r\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\r\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\r\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\r\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\r\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\r\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\r\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\r\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\r\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\r\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\r\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\r\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\r\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\r\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\r\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\r\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\r\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47684"
    },
    {
      "cve": "CVE-2024-47701",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47701"
    },
    {
      "cve": "CVE-2024-47707",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ipv6: A NULL dereference vulnerability may occur in rt6_uncached_list_flush_dev() due to the necessary check being removed by a previous commit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47707"
    },
    {
      "cve": "CVE-2024-47737",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47737"
    },
    {
      "cve": "CVE-2024-48881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-48881"
    },
    {
      "cve": "CVE-2024-49881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49881"
    },
    {
      "cve": "CVE-2024-49884",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49884"
    },
    {
      "cve": "CVE-2024-49948",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49948"
    },
    {
      "cve": "CVE-2024-49949",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49949"
    },
    {
      "cve": "CVE-2024-49952",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49952"
    },
    {
      "cve": "CVE-2024-49982",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put() instead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs into use-after-free. Then Nicolai Stange found more places in aoe have potential use-after-free problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe() and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push packet to tx queue. So they should also use dev_hold() to increase the refcnt of skb-\u003edev. On the other hand, moving dev_put() to tx() causes that the refcnt of skb-\u003edev be reduced to a negative value, because corresponding dev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(), probe(), and aoecmd_cfg_rsp(). This patch fixed this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49982"
    },
    {
      "cve": "CVE-2024-49997",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49997"
    },
    {
      "cve": "CVE-2024-50006",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50006"
    },
    {
      "cve": "CVE-2024-50040",
      "cwe": {
        "id": "CWE-390",
        "name": "Detection of Error Condition Without Action"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50040"
    },
    {
      "cve": "CVE-2024-50045",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50045"
    },
    {
      "cve": "CVE-2024-50251",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50251"
    },
    {
      "cve": "CVE-2024-50262",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50262"
    },
    {
      "cve": "CVE-2024-50299",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50299"
    },
    {
      "cve": "CVE-2024-50301",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50301"
    },
    {
      "cve": "CVE-2024-50602",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-52332",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-52332"
    },
    {
      "cve": "CVE-2024-52533",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\\\0\u0027 character.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-52533"
    },
    {
      "cve": "CVE-2024-53057",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53057"
    },
    {
      "cve": "CVE-2024-53124",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: fix data-races around sk sk_forward_alloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53124"
    },
    {
      "cve": "CVE-2024-53140",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual dump helper, keeps getting called until it returns 0 - done - (optional) pairs with .start, can be used for cleanup The whole process is asynchronous and the repeated calls to .dump don\u0027t actually happen in a tight loop, but rather are triggered in response to recvmsg() on the socket. This gives the user full control over the dump, but also means that the user can close the socket without getting to the end of the dump. To make sure .start is always paired with .done we check if there is an ongoing dump before freeing the socket, and if so call .done. The complication is that sockets can get freed from BH and .done is allowed to sleep. So we use a workqueue to defer the call, when needed. Unfortunately this does not work correctly. What we defer is not the cleanup but rather releasing a reference on the socket. We have no guarantee that we own the last reference, if someone else holds the socket they may release it in BH and we\u0027re back to square one. The whole dance, however, appears to be unnecessary. Only the user can interact with dumps, so we can clean up when socket is closed. And close always happens in process context. Some async code may still access the socket after close, queue notification skbs to it etc. but no dumps can start, end or otherwise make progress. Delete the workqueue and flush the dump state directly from the release handler. Note that further cleanup is possible in -next, for instance we now always call .done before releasing the main module reference, so dump doesn\u0027t have to take a reference of its own.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53140"
    },
    {
      "cve": "CVE-2024-53164",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-\u003eq.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53164"
    },
    {
      "cve": "CVE-2024-53165",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever removing it from intc_list which would lead to a use after free. To fix this, let\u0027s only add it to the list after everything has succeeded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53165"
    },
    {
      "cve": "CVE-2024-53217",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53217"
    },
    {
      "cve": "CVE-2024-56433",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56433"
    },
    {
      "cve": "CVE-2024-56569",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo \"write*:mod:ext3\" \u003e /sys/kernel/tracing/stack_trace_filter The current mod command causes a null pointer dereference. While commit 0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56569"
    },
    {
      "cve": "CVE-2024-56570",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56570"
    },
    {
      "cve": "CVE-2024-56600",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the sock sk pointer on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56600"
    },
    {
      "cve": "CVE-2024-56601",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling pointer, which may create use-after-free later. Clear the sk pointer in the sock object on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56601"
    },
    {
      "cve": "CVE-2024-56606",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and cause use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56606"
    },
    {
      "cve": "CVE-2024-56644",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is executed for an expired IPv6 route located in the exception table.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56644"
    },
    {
      "cve": "CVE-2024-56650",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56650"
    },
    {
      "cve": "CVE-2024-56770",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/sched: netem: The interface fully stops transferring packets and \"locks\". In this case, the child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at its limit and no more packets are accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56770"
    },
    {
      "cve": "CVE-2024-56779",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur\r\n\r\nThe action force umount(umount -f) will attempt to kill all rpc_task even\r\numount operation may ultimately fail if some files remain open.\r\nConsequently, if an action attempts to open a file, it can potentially\r\nsend two rpc_task to nfs server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56779"
    },
    {
      "cve": "CVE-2024-56780",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56780"
    },
    {
      "cve": "CVE-2024-57884",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim()\r\n\r\nThe task sometimes continues looping in throttle_direct_reclaim() because\r\nallow_direct_reclaim(pgdat) keeps returning false.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-57884"
    },
    {
      "cve": "CVE-2024-57901",
      "cwe": {
        "id": "CWE-664",
        "name": "Improper Control of a Resource Through its Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: vlan_get_protocol_dgram() vs MSG_PEEK Blamed allowing a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-57901"
    },
    {
      "cve": "CVE-2025-0167",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry that omits both login and password. A rare circumstance.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0167"
    },
    {
      "cve": "CVE-2025-0395",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0395"
    },
    {
      "cve": "CVE-2025-0665",
      "cwe": {
        "id": "CWE-1341",
        "name": "Multiple Releases of Same Resource or Handle"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0665"
    },
    {
      "cve": "CVE-2025-0725",
      "cwe": {
        "id": "CWE-680",
        "name": "Integer Overflow to Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0725"
    },
    {
      "cve": "CVE-2025-1390",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PAM module pam_cap.so of libcap configuration supports group names starting with \u201c@\u201d, during actual parsing, configurations not starting with \u201c@\u201d are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-1390"
    },
    {
      "cve": "CVE-2025-3277",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow can be triggered in SQLite\u0027s \u0027concat_ws()\u0027 function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be triggered. This can result in arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-3277"
    },
    {
      "cve": "CVE-2025-3360",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "1. Describe what is the vulnerability about, e.g.:\n    Affected devices do not properly validate input in the hack-me endpoint of the web service.\n\n    2. Describe what an attacker could do with it - e.g.:\n    This could allow an unauthenticated remote attacker to execute arbitrary code on the device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-3360"
    },
    {
      "cve": "CVE-2025-21694",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "fs/proc: softlockup in __read_vmcore",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-21694"
    },
    {
      "cve": "CVE-2025-26466",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-26466"
    },
    {
      "cve": "CVE-2025-29087",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-29087"
    },
    {
      "cve": "CVE-2025-29088",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in sqlite allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-29088"
    },
    {
      "cve": "CVE-2025-32728",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-32728"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - BIOS and recommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-831302.html"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-831302.txt"
      }
    ],
    "title": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0",
    "tracking": {
      "current_release_date": "2024-04-09T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-831302",
      "initial_release_date": "2023-06-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-06-13T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2023-09-12T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2022-1015, CVE-2023-2898, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-4004, CVE-2023-4015, CVE-2023-4128, CVE-2023-4147, CVE-2023-4273"
        },
        {
          "date": "2023-11-14T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5156"
        },
        {
          "date": "2023-12-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2021-44879, CVE-2023-45863"
        },
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added fix for SIMATIC S7-1500 TM MFP - BIOS"
        }
      ],
      "status": "interim",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.3.0",
                "product": {
                  "name": "SIMATIC S7-1500 TM MFP - BIOS",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP - BIOS"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-20269",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-20269"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28831",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-28831"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-42373",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference in Busybox\u0027s man applet leads to denial of service when a section name is supplied but no page argument is given.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42373"
    },
    {
      "cve": "CVE-2021-42374",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds heap read in Busybox\u0027s unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42374"
    },
    {
      "cve": "CVE-2021-42375",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect handling of a special element in Busybox\u0027s ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42375"
    },
    {
      "cve": "CVE-2021-42376",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference in Busybox\u0027s hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \\x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42376"
    },
    {
      "cve": "CVE-2021-42377",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker-controlled pointer free in Busybox\u0027s hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the \u0026\u0026\u0026 string. This may be used for remote code execution under rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42377"
    },
    {
      "cve": "CVE-2021-42378",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42378"
    },
    {
      "cve": "CVE-2021-42379",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42379"
    },
    {
      "cve": "CVE-2021-42380",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42380"
    },
    {
      "cve": "CVE-2021-42381",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42381"
    },
    {
      "cve": "CVE-2021-42382",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42382"
    },
    {
      "cve": "CVE-2021-42383",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42383"
    },
    {
      "cve": "CVE-2021-42384",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42384"
    },
    {
      "cve": "CVE-2021-42385",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42385"
    },
    {
      "cve": "CVE-2021-42386",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42386"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-1015",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1015"
    },
    {
      "cve": "CVE-2022-1882",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1882"
    },
    {
      "cve": "CVE-2022-2585",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2585"
    },
    {
      "cve": "CVE-2022-2588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2905",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2905"
    },
    {
      "cve": "CVE-2022-3028",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3435",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3435"
    },
    {
      "cve": "CVE-2022-3586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-4378",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4378"
    },
    {
      "cve": "CVE-2022-4662",
      "cwe": {
        "id": "CWE-455",
        "name": "Non-exit on Failed Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-20421",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20421"
    },
    {
      "cve": "CVE-2022-20422",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20422"
    },
    {
      "cve": "CVE-2022-21233",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21233"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-28391",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-28391"
    },
    {
      "cve": "CVE-2022-30065",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-30065"
    },
    {
      "cve": "CVE-2022-39188",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39190",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39190"
    },
    {
      "cve": "CVE-2022-40307",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-41222",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41222"
    },
    {
      "cve": "CVE-2022-42703",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2023-0179",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0179"
    },
    {
      "cve": "CVE-2023-0394",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0394"
    },
    {
      "cve": "CVE-2023-1073",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory corruption flaw was found in the Linux kernel\u2019s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1073"
    },
    {
      "cve": "CVE-2023-2898",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-2898"
    },
    {
      "cve": "CVE-2023-3390",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in the Linux kernel\u0027s netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit\u00a01240eb93f0616b21c675416516ff3d74798fdc97.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3390"
    },
    {
      "cve": "CVE-2023-3610",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3610"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3776",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3776"
    },
    {
      "cve": "CVE-2023-4004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4015"
    },
    {
      "cve": "CVE-2023-4128",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4128"
    },
    {
      "cve": "CVE-2023-4147",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u2019s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID allows a local user to crash or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4147"
    },
    {
      "cve": "CVE-2023-4273",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4273"
    },
    {
      "cve": "CVE-2023-4527",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4527"
    },
    {
      "cve": "CVE-2023-4806",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4806"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-31248",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-31248"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "SINEC OS before V3.1 contains third-party components with multiple vulnerabilities.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
      },
      {
        "category": "self",
        "summary": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json"
      }
    ],
    "title": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1",
    "tracking": {
      "current_release_date": "2025-08-12T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-613116",
      "initial_release_date": "2025-08-12T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-08-12T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "interim",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c3.1",
                "product": {
                  "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)",
                  "product_id": "1",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK6242-6PA00"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c3.1",
                "product": {
                  "name": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c3.1",
                "product": {
                  "name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
                  "product_id": "3"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-48935",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: unregister flowtable hooks on netns exit",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2022-48935"
    },
    {
      "cve": "CVE-2023-3567",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-3567"
    },
    {
      "cve": "CVE-2023-5178",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-5178"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-6040",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-6040"
    },
    {
      "cve": "CVE-2023-6121",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6606",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-6606"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-35827",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-35827"
    },
    {
      "cve": "CVE-2023-39198",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-39198"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-46343",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-46343"
    },
    {
      "cve": "CVE-2023-51779",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-51779"
    },
    {
      "cve": "CVE-2023-51780",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-51780"
    },
    {
      "cve": "CVE-2023-51781",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-51781"
    },
    {
      "cve": "CVE-2023-51782",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-51782"
    },
    {
      "cve": "CVE-2023-52340",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52340"
    },
    {
      "cve": "CVE-2023-52433",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_set_rbtree: skip sync GC for new elements in this transaction",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52433"
    },
    {
      "cve": "CVE-2023-52435",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: prevent mss overflow in skb_segment()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52435"
    },
    {
      "cve": "CVE-2023-52475",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: powermate - fix use-after-free in powermate_config_complete",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52475"
    },
    {
      "cve": "CVE-2023-52477",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: hub: Guard against accesses to uninitialized BOS descriptors",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52477"
    },
    {
      "cve": "CVE-2023-52478",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nHID: logitech-hidpp: Fix kernel crash on receiver USB disconnect",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52478"
    },
    {
      "cve": "CVE-2023-52486",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm: Don\u0027t unref the same fb many times by mistake due to deadlock handling",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52486"
    },
    {
      "cve": "CVE-2023-52502",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52502"
    },
    {
      "cve": "CVE-2023-52504",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/alternatives: Disable KASAN in apply_alternatives()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52504"
    },
    {
      "cve": "CVE-2023-52507",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: assert requested protocol is valid",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52507"
    },
    {
      "cve": "CVE-2023-52509",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nravb: Fix use-after-free issue in ravb_tx_timeout_work()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52509"
    },
    {
      "cve": "CVE-2023-52510",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nieee802154: ca8210: Fix a potential UAF in ca8210_probe",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52510"
    },
    {
      "cve": "CVE-2023-52581",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: fix memleak when more than 255 elements expired",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52581"
    },
    {
      "cve": "CVE-2023-52583",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nceph: fix deadlock or deadcode of misusing dget()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52583"
    },
    {
      "cve": "CVE-2023-52587",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/ipoib: Fix mcast list locking",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52587"
    },
    {
      "cve": "CVE-2023-52594",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52594"
    },
    {
      "cve": "CVE-2023-52595",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: rt2x00: restart beacon queue when hardware reset",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52595"
    },
    {
      "cve": "CVE-2023-52597",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nKVM: s390: fix setting of fpc register",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52597"
    },
    {
      "cve": "CVE-2023-52598",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ns390/ptrace: handle setting of fpc register correctly",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52598"
    },
    {
      "cve": "CVE-2023-52599",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in diNewExt",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52599"
    },
    {
      "cve": "CVE-2023-52600",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix uaf in jfs_evict_inode",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52600"
    },
    {
      "cve": "CVE-2023-52601",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in dbAdjTree",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52601"
    },
    {
      "cve": "CVE-2023-52602",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix slab-out-of-bounds Read in dtSearch",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52602"
    },
    {
      "cve": "CVE-2023-52603",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nUBSAN: array-index-out-of-bounds in dtSplitRoot",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52603"
    },
    {
      "cve": "CVE-2023-52604",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nFS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52604"
    },
    {
      "cve": "CVE-2023-52606",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npowerpc/lib: Validate size for vector operations",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52606"
    },
    {
      "cve": "CVE-2023-52607",
      "cwe": {
        "id": "CWE-395",
        "name": "Use of NullPointerException Catch to Detect NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52607"
    },
    {
      "cve": "CVE-2023-52615",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhwrng: core - Fix page fault dead lock on mmap-ed hwrng",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52615"
    },
    {
      "cve": "CVE-2023-52617",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nPCI: switchtec: Fix stdev_release() crash after surprise hot remove",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52617"
    },
    {
      "cve": "CVE-2023-52619",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npstore/ram: Fix crash when setting number of cpus to an odd number",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52619"
    },
    {
      "cve": "CVE-2023-52622",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52622"
    },
    {
      "cve": "CVE-2023-52623",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nSUNRPC: Fix a suspicious RCU usage warning",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52623"
    },
    {
      "cve": "CVE-2023-52637",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncan: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52637"
    },
    {
      "cve": "CVE-2023-52654",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nio_uring/af_unix: disable sending io_uring over sockets",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52654"
    },
    {
      "cve": "CVE-2023-52655",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: aqc111: check packet for fixup for true limit",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52655"
    },
    {
      "cve": "CVE-2023-52670",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nrpmsg: virtio: Free driver_override when rpmsg_remove()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52670"
    },
    {
      "cve": "CVE-2023-52753",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Avoid NULL dereference of timing generator",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52753"
    },
    {
      "cve": "CVE-2023-52764",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52764"
    },
    {
      "cve": "CVE-2023-52774",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ns390/dasd: protect device queue against concurrent access",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52774"
    },
    {
      "cve": "CVE-2023-52784",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbonding: stop the device in bond_setup_by_slave()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52784"
    },
    {
      "cve": "CVE-2023-52789",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntty: vcc: Add check for kstrdup() in vcc_probe()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52789"
    },
    {
      "cve": "CVE-2023-52791",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni2c: core: Run atomic i2c xfer when !preemptible",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52791"
    },
    {
      "cve": "CVE-2023-52796",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipvlan: add ipvlan_route_v6_outbound() helper",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52796"
    },
    {
      "cve": "CVE-2023-52799",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in dbFindLeaf",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52799"
    },
    {
      "cve": "CVE-2023-52804",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/jfs: Add validity check for db_maxag and db_agpref",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52804"
    },
    {
      "cve": "CVE-2023-52805",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in diAlloc",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52805"
    },
    {
      "cve": "CVE-2023-52806",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nALSA: hda: Fix possible null-ptr-deref when assigning a stream",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52806"
    },
    {
      "cve": "CVE-2023-52809",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52809"
    },
    {
      "cve": "CVE-2023-52810",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/jfs: Add check for negative db_l2nbperpage",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52810"
    },
    {
      "cve": "CVE-2023-52813",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: pcrypt - Fix hungtask for PADATA_RESET",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52813"
    },
    {
      "cve": "CVE-2023-52817",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52817"
    },
    {
      "cve": "CVE-2023-52818",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52818"
    },
    {
      "cve": "CVE-2023-52819",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52819"
    },
    {
      "cve": "CVE-2023-52832",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52832"
    },
    {
      "cve": "CVE-2023-52835",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nperf/core: Bail out early if the request AUX area is out of bound",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52835"
    },
    {
      "cve": "CVE-2023-52836",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nlocking/ww_mutex/test: Fix potential workqueue corruption",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52836"
    },
    {
      "cve": "CVE-2023-52838",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: imsttfb: fix a resource leak in probe",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52838"
    },
    {
      "cve": "CVE-2023-52840",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52840"
    },
    {
      "cve": "CVE-2023-52843",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: verify mac len before reading mac header",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52843"
    },
    {
      "cve": "CVE-2023-52845",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52845"
    },
    {
      "cve": "CVE-2023-52847",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52847"
    },
    {
      "cve": "CVE-2023-52853",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhid: cp2112: Fix duplicate workqueue initialization",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52853"
    },
    {
      "cve": "CVE-2023-52855",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52855"
    },
    {
      "cve": "CVE-2023-52858",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52858"
    },
    {
      "cve": "CVE-2023-52864",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nplatform/x86: wmi: Fix opening of char device",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52864"
    },
    {
      "cve": "CVE-2023-52865",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52865"
    },
    {
      "cve": "CVE-2023-52867",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/radeon: possible buffer overflow",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52867"
    },
    {
      "cve": "CVE-2023-52868",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nthermal: core: prevent potential string overflow",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52868"
    },
    {
      "cve": "CVE-2023-52871",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsoc: qcom: llcc: Handle a second device without data corruption",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52871"
    },
    {
      "cve": "CVE-2023-52873",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52873"
    },
    {
      "cve": "CVE-2023-52875",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52875"
    },
    {
      "cve": "CVE-2023-52876",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52876"
    },
    {
      "cve": "CVE-2023-52879",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing: Have trace_event_file have ref counters",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52879"
    },
    {
      "cve": "CVE-2023-52881",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: do not accept ACK of bytes we never sent",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52881"
    },
    {
      "cve": "CVE-2023-52919",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: fix possible NULL pointer dereference in send_acknowledge()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2023-52919"
    },
    {
      "cve": "CVE-2024-0193",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-0193"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-0646",
      "cwe": {
        "id": "CWE-1314",
        "name": "Missing Write Protection for Parametric Data Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-0646"
    },
    {
      "cve": "CVE-2024-0841",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-0841"
    },
    {
      "cve": "CVE-2024-1086",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-1086"
    },
    {
      "cve": "CVE-2024-26581",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_set_rbtree: skip end interval element from gc",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26581"
    },
    {
      "cve": "CVE-2024-26593",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni2c: i801: Fix block process call transactions",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26593"
    },
    {
      "cve": "CVE-2024-26598",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nKVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26598"
    },
    {
      "cve": "CVE-2024-26600",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nphy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26600"
    },
    {
      "cve": "CVE-2024-26602",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsched/membarrier: reduce the ability to hammer on sys_membarrier",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26602"
    },
    {
      "cve": "CVE-2024-26606",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbinder: signal epoll threads of self-work",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26606"
    },
    {
      "cve": "CVE-2024-26615",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/smc: fix illegal rmb_desc access in SMC-D connection dump",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26615"
    },
    {
      "cve": "CVE-2024-26625",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: call sock_orphan() at release time",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26625"
    },
    {
      "cve": "CVE-2024-26635",
      "cwe": {
        "id": "CWE-456",
        "name": "Missing Initialization of a Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: Drop support for ETH_P_TR_802_2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26635"
    },
    {
      "cve": "CVE-2024-26636",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: make llc_ui_sendmsg() more robust against bonding changes",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26636"
    },
    {
      "cve": "CVE-2024-26645",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26645"
    },
    {
      "cve": "CVE-2024-26663",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntipc: Check the bearer type before calling tipc_udp_nl_bearer_add()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26663"
    },
    {
      "cve": "CVE-2024-26664",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhwmon: (coretemp) Fix out-of-bounds memory access",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26664"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26671"
    },
    {
      "cve": "CVE-2024-26673",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26673"
    },
    {
      "cve": "CVE-2024-26675",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nppp_async: limit MRU to 64K",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26675"
    },
    {
      "cve": "CVE-2024-26679",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26679"
    },
    {
      "cve": "CVE-2024-26684",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: stmmac: xgmac: fix handling of DPP safety error for DMA channels",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26684"
    },
    {
      "cve": "CVE-2024-26685",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix potential bug in end_buffer_async_write",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26685"
    },
    {
      "cve": "CVE-2024-26688",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26688"
    },
    {
      "cve": "CVE-2024-26696",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix hang in nilfs_lookup_dirty_data_buffers()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26696"
    },
    {
      "cve": "CVE-2024-26697",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix data corruption in dsync block recovery for small block sizes",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26697"
    },
    {
      "cve": "CVE-2024-26702",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\niio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26702"
    },
    {
      "cve": "CVE-2024-26704",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: fix double-free of blocks due to wrong extents moved_len",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26704"
    },
    {
      "cve": "CVE-2024-26720",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26720"
    },
    {
      "cve": "CVE-2024-26722",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26722"
    },
    {
      "cve": "CVE-2024-26735",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: sr: fix possible use-after-free and null-ptr-deref",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26735"
    },
    {
      "cve": "CVE-2024-26736",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nafs: Increase buffer size in afs_update_volume_status()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26736"
    },
    {
      "cve": "CVE-2024-26748",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: cdns3: fix memory double free when handle zero packet",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26748"
    },
    {
      "cve": "CVE-2024-26749",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26749"
    },
    {
      "cve": "CVE-2024-26751",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nARM: ep93xx: Add terminator to gpiod_lookup_table",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26751"
    },
    {
      "cve": "CVE-2024-26752",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nl2tp: pass correct message length to ip6_append_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26752"
    },
    {
      "cve": "CVE-2024-26754",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26754"
    },
    {
      "cve": "CVE-2024-26763",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm-crypt: don\u0027t modify the data when using authenticated encryption",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26763"
    },
    {
      "cve": "CVE-2024-26764",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26764"
    },
    {
      "cve": "CVE-2024-26766",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/hfi1: Fix sdma.h tx-\u003enum_descs off-by-one error",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26766"
    },
    {
      "cve": "CVE-2024-26772",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26772"
    },
    {
      "cve": "CVE-2024-26773",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26773"
    },
    {
      "cve": "CVE-2024-26777",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26777"
    },
    {
      "cve": "CVE-2024-26778",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: savage: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26778"
    },
    {
      "cve": "CVE-2024-26779",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: fix race condition on enabling fast-xmit",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26779"
    },
    {
      "cve": "CVE-2024-26788",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: init irq after reg initialization",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26788"
    },
    {
      "cve": "CVE-2024-26790",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26790"
    },
    {
      "cve": "CVE-2024-26791",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbtrfs: dev-replace: properly validate device names",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26791"
    },
    {
      "cve": "CVE-2024-26793",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26793"
    },
    {
      "cve": "CVE-2024-26801",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: Avoid potential use-after-free in hci_error_reset",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26801"
    },
    {
      "cve": "CVE-2024-26804",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: ip_tunnel: prevent perpetual headroom growth",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26804"
    },
    {
      "cve": "CVE-2024-26805",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26805"
    },
    {
      "cve": "CVE-2024-26825",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: free rx_data_reassembly skb on NCI device cleanup",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26825"
    },
    {
      "cve": "CVE-2024-26835",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26835"
    },
    {
      "cve": "CVE-2024-26839",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/hfi1: Fix a memleak in init_credit_return",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26839"
    },
    {
      "cve": "CVE-2024-26840",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncachefiles: fix memory leak in cachefiles_add_cache()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26840"
    },
    {
      "cve": "CVE-2024-26845",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: target: core: Add TMF to tmr_list handling",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26845"
    },
    {
      "cve": "CVE-2024-26910",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: ipset: fix performance regression in swap operation",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-26910"
    },
    {
      "cve": "CVE-2024-27405",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27405"
    },
    {
      "cve": "CVE-2024-27410",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: nl80211: reject iftype change with mesh ID change",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27410"
    },
    {
      "cve": "CVE-2024-27412",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npower: supply: bq27xxx-i2c: Do not free non existing IRQ",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27412"
    },
    {
      "cve": "CVE-2024-27413",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nefi/capsule-loader: fix incorrect allocation size",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27413"
    },
    {
      "cve": "CVE-2024-27414",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nrtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27414"
    },
    {
      "cve": "CVE-2024-27416",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27416"
    },
    {
      "cve": "CVE-2024-27417",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: fix potential \"struct net\" leak in inet6_rtm_getaddr()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-27417"
    },
    {
      "cve": "CVE-2024-35833",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-35833"
    },
    {
      "cve": "CVE-2024-35835",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/mlx5e: fix a double-free in arfs_create_groups",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-35835"
    },
    {
      "cve": "CVE-2024-39476",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2024-39476"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt"
      }
    ],
    "title": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1",
    "tracking": {
      "current_release_date": "2024-04-09T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-794697",
      "initial_release_date": "2023-06-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-06-13T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2023-07-11T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233"
        },
        {
          "date": "2023-08-08T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609"
        },
        {
          "date": "2023-09-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-3338"
        },
        {
          "date": "2023-11-14T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755"
        },
        {
          "date": "2023-12-12T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871"
        },
        {
          "date": "2024-01-09T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062"
        },
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
        }
      ],
      "status": "interim",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.1",
                "product": {
                  "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2021-3759",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3759"
    },
    {
      "cve": "CVE-2021-4037",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-4037"
    },
    {
      "cve": "CVE-2021-33655",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-33655"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0171",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-0171"
    },
    {
      "cve": "CVE-2022-1012",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1012"
    },
    {
      "cve": "CVE-2022-1015",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1015"
    },
    {
      "cve": "CVE-2022-1184",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u2019s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1184"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1462",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1462"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-1679",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1679"
    },
    {
      "cve": "CVE-2022-1852",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1852"
    },
    {
      "cve": "CVE-2022-1882",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1882"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2078",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the Linux kernel\u0027s nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2078"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2153",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2153"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2327",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2327"
    },
    {
      "cve": "CVE-2022-2503",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2503"
    },
    {
      "cve": "CVE-2022-2586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2586"
    },
    {
      "cve": "CVE-2022-2588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2602",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2602"
    },
    {
      "cve": "CVE-2022-2663",
      "cwe": {
        "id": "CWE-923",
        "name": "Improper Restriction of Communication Channel to Intended Endpoints"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2663"
    },
    {
      "cve": "CVE-2022-2905",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2905"
    },
    {
      "cve": "CVE-2022-2959",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2959"
    },
    {
      "cve": "CVE-2022-2978",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2978"
    },
    {
      "cve": "CVE-2022-3028",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3104",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3104"
    },
    {
      "cve": "CVE-2022-3115",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3115"
    },
    {
      "cve": "CVE-2022-3169",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3169"
    },
    {
      "cve": "CVE-2022-3303",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3303"
    },
    {
      "cve": "CVE-2022-3521",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3521"
    },
    {
      "cve": "CVE-2022-3524",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3524"
    },
    {
      "cve": "CVE-2022-3534",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3534"
    },
    {
      "cve": "CVE-2022-3545",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3545"
    },
    {
      "cve": "CVE-2022-3564",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3564"
    },
    {
      "cve": "CVE-2022-3565",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3565"
    },
    {
      "cve": "CVE-2022-3586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-3594",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3594"
    },
    {
      "cve": "CVE-2022-3606",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3606"
    },
    {
      "cve": "CVE-2022-3621",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3621"
    },
    {
      "cve": "CVE-2022-3625",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3625"
    },
    {
      "cve": "CVE-2022-3628",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3628"
    },
    {
      "cve": "CVE-2022-3629",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3629"
    },
    {
      "cve": "CVE-2022-3633",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3633"
    },
    {
      "cve": "CVE-2022-3635",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3635"
    },
    {
      "cve": "CVE-2022-3646",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3646"
    },
    {
      "cve": "CVE-2022-3649",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3649"
    },
    {
      "cve": "CVE-2022-4095",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4095"
    },
    {
      "cve": "CVE-2022-4129",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4129"
    },
    {
      "cve": "CVE-2022-4139",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect TLB flush issue was found in the Linux kernel\u2019s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4139"
    },
    {
      "cve": "CVE-2022-4269",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4269"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-4662",
      "cwe": {
        "id": "CWE-455",
        "name": "Non-exit on Failed Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-20421",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20421"
    },
    {
      "cve": "CVE-2022-20422",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20422"
    },
    {
      "cve": "CVE-2022-20566",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20566"
    },
    {
      "cve": "CVE-2022-20572",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20572"
    },
    {
      "cve": "CVE-2022-21123",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21123"
    },
    {
      "cve": "CVE-2022-21125",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21125"
    },
    {
      "cve": "CVE-2022-21166",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21166"
    },
    {
      "cve": "CVE-2022-21505",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21505"
    },
    {
      "cve": "CVE-2022-26373",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-26373"
    },
    {
      "cve": "CVE-2022-32250",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-32250"
    },
    {
      "cve": "CVE-2022-32296",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-32296"
    },
    {
      "cve": "CVE-2022-34918",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-34918"
    },
    {
      "cve": "CVE-2022-36123",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36123"
    },
    {
      "cve": "CVE-2022-36280",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36280"
    },
    {
      "cve": "CVE-2022-36879",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36879"
    },
    {
      "cve": "CVE-2022-36946",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb-\u003elen.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-36946"
    },
    {
      "cve": "CVE-2022-39188",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39190",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39190"
    },
    {
      "cve": "CVE-2022-40307",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-40768",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-40768"
    },
    {
      "cve": "CVE-2022-41218",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41218"
    },
    {
      "cve": "CVE-2022-41222",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41222"
    },
    {
      "cve": "CVE-2022-41674",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41674"
    },
    {
      "cve": "CVE-2022-41849",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41849"
    },
    {
      "cve": "CVE-2022-41850",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report-\u003evalue is in progress.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41850"
    },
    {
      "cve": "CVE-2022-42328",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42328"
    },
    {
      "cve": "CVE-2022-42329",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42329"
    },
    {
      "cve": "CVE-2022-42432",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42432"
    },
    {
      "cve": "CVE-2022-42703",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2022-42719",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42719"
    },
    {
      "cve": "CVE-2022-42720",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42720"
    },
    {
      "cve": "CVE-2022-42721",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42721"
    },
    {
      "cve": "CVE-2022-42722",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42722"
    },
    {
      "cve": "CVE-2022-42895",
      "cwe": {
        "id": "CWE-824",
        "name": "Access of Uninitialized Pointer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is an infoleak vulnerability in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42895"
    },
    {
      "cve": "CVE-2022-42896",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There are use-after-free vulnerabilities in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42896"
    },
    {
      "cve": "CVE-2022-43750",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-43750"
    },
    {
      "cve": "CVE-2022-47518",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47518"
    },
    {
      "cve": "CVE-2022-47520",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47520"
    },
    {
      "cve": "CVE-2022-47929",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47929"
    },
    {
      "cve": "CVE-2022-47946",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47946"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0590",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0590"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1095",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1095"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2898",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-2898"
    },
    {
      "cve": "CVE-2023-3141",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3141"
    },
    {
      "cve": "CVE-2023-3268",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3268"
    },
    {
      "cve": "CVE-2023-3338",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference flaw was found in the Linux kernel\u0027s DECnet networking protocol. This issue could allow a remote user to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3338"
    },
    {
      "cve": "CVE-2023-3389",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59`  \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and   \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3389"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3610",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3610"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3773",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3773"
    },
    {
      "cve": "CVE-2023-3777",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3777"
    },
    {
      "cve": "CVE-2023-4004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4015"
    },
    {
      "cve": "CVE-2023-4273",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4273"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5178",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5178"
    },
    {
      "cve": "CVE-2023-5197",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5197"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-6606",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6606"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-7008",
      "cwe": {
        "id": "CWE-300",
        "name": "Channel Accessible by Non-Endpoint"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-7008"
    },
    {
      "cve": "CVE-2023-7104",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-7104"
    },
    {
      "cve": "CVE-2023-23454",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-23454"
    },
    {
      "cve": "CVE-2023-23455",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-23455"
    },
    {
      "cve": "CVE-2023-23559",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-23559"
    },
    {
      "cve": "CVE-2023-26607",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-26607"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-31436",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-31436"
    },
    {
      "cve": "CVE-2023-32233",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-32233"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35827",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-35827"
    },
    {
      "cve": "CVE-2023-36660",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-36660"
    },
    {
      "cve": "CVE-2023-37453",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-37453"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-42753",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-42753"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-50495",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-50495"
    },
    {
      "cve": "CVE-2023-51384",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-51384"
    },
    {
      "cve": "CVE-2023-51385",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-51385"
    },
    {
      "cve": "CVE-2023-51767",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-51767"
    },
    {
      "cve": "CVE-2024-0232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0232"
    },
    {
      "cve": "CVE-2024-0553",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0553"
    },
    {
      "cve": "CVE-2024-0567",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0567"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-0684",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0684"
    },
    {
      "cve": "CVE-2024-22365",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-22365"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version  \u003e= V3.1.0 and \u003c V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nThese GNU/Linux vulnerabilities have been externally identified. \nSiemens has released new versions for the affected products and recommends to update to the latest versions.\n\nNote: This SSA advises vulnerabilities for firmware version V3.1 only; for versions \u003c V3.1 refer to Siemens Security Bulletin SSB-439005 (\nhttps://cert-portal.siemens.com/productcert/html/ssb-439005.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
      },
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json"
      }
    ],
    "title": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5",
    "tracking": {
      "current_release_date": "2025-08-12T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-398330",
      "initial_release_date": "2023-12-12T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-12-12T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-01-09T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2021-44879, CVE-2023-46218, CVE-2023-46219, and CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-45898, CVE-2023-46862, CVE-2023-6121, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0584"
        },
        {
          "date": "2024-03-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-52425, CVE-2023-52426, CVE-2023-45918"
        },
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2024-28757"
        },
        {
          "date": "2024-05-14T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-2511, CVE-2024-28085, CVE-2024-28182, CVE-2024-28834, CVE-2024-28835"
        },
        {
          "date": "2024-06-11T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34459"
        },
        {
          "date": "2024-07-09T00:00:00Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2024-5535, CVE-2024-5742"
        },
        {
          "date": "2024-08-13T00:00:00Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added CVE-2017-15422, CVE-2024-7264, CVE-2024-37370, CVE-2024-37371"
        },
        {
          "date": "2024-10-08T00:00:00Z",
          "legacy_version": "1.9",
          "number": "10",
          "summary": "Added CVE-2024-6409, CVE-2024-8096, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492"
        },
        {
          "date": "2024-11-12T00:00:00Z",
          "legacy_version": "2.0",
          "number": "11",
          "summary": "Added CVE-2024-2236, CVE-2024-9143"
        },
        {
          "date": "2024-12-10T00:00:00Z",
          "legacy_version": "2.1",
          "number": "12",
          "summary": "Added CVE-2024-50602, CVE-2024-52533"
        },
        {
          "date": "2025-01-14T00:00:00Z",
          "legacy_version": "2.2",
          "number": "13",
          "summary": "Added CVE-2024-11053"
        },
        {
          "date": "2025-02-11T00:00:00Z",
          "legacy_version": "2.3",
          "number": "14",
          "summary": "Added multiple CVEs"
        },
        {
          "date": "2025-03-11T00:00:00Z",
          "legacy_version": "2.4",
          "number": "15",
          "summary": "Added CVE-2023-52622, CVE-2024-12133, -12243, -26645, -26671, -26679, -26772, -26773, -26777, -26805, -26923, -27020, -27032, -36017, -36484, -36904, -36905, -36934, -39487, -41046, -42106, -42131, -42154, -43871, -44944, -44965, -46743, -46745, -46750, -47684, -47701, -47737, -49881, -49884, -49948, -49949, -49952, -49997, -50006, -50040, -50045, -50251, -50262, -50299, -50301, -53057, -53140, -53165, -53217, CVE-2025-0167, -0395, -0665, -0725, -26465, -26466"
        },
        {
          "date": "2025-04-08T00:00:00Z",
          "legacy_version": "2.5",
          "number": "16",
          "summary": "Added CVE-2025-21694, CVE-2025-1390, CVE-2024-8176, CVE-2024-57901, CVE-2024-57884, CVE-2024-56780, CVE-2024-56779, CVE-2024-56770, CVE-2024-56650, CVE-2024-56644, CVE-2024-56606, CVE-2024-56601, CVE-2024-56600, CVE-2024-56570, CVE-2024-56569, CVE-2024-53164, CVE-2024-53124, CVE-2024-52332, CVE-2024-48881, CVE-2024-47707, CVE-2024-12243"
        },
        {
          "date": "2025-06-10T00:00:00Z",
          "legacy_version": "2.6",
          "number": "17",
          "summary": "Added fix for SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP incl. SIPLUS variants"
        },
        {
          "date": "2025-08-12T00:00:00Z",
          "legacy_version": "2.7",
          "number": "18",
          "summary": "Removed CVE-2021-41617, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-4527, CVE-2023-46218, CVE-2023-46219, CVE-2023-4806, CVE-2023-48795, CVE-2023-4911, CVE-2024-12133, CVE-2024-12243, CVE-2024-28085, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2025-26465, CVE-2025-46836 as they are not fixed in V3.1.5 and advised in SSA-082556"
        }
      ],
      "status": "interim",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)",
                  "product_id": "1",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)",
                  "product_id": "2",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)",
                  "product_id": "3",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)",
                  "product_id": "4",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)",
                  "product_id": "5",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6AG1518-4AX00-4AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-0340",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.  NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2013-0340"
    },
    {
      "cve": "CVE-2013-4235",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2013-4235"
    },
    {
      "cve": "CVE-2014-7209",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2014-7209"
    },
    {
      "cve": "CVE-2015-20107",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2015-20107"
    },
    {
      "cve": "CVE-2016-3189",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-3189"
    },
    {
      "cve": "CVE-2016-3709",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Possible cross-site scripting vulnerability in libxml after commit 960f0e2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-3709"
    },
    {
      "cve": "CVE-2016-4658",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-4658"
    },
    {
      "cve": "CVE-2016-5131",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-5131"
    },
    {
      "cve": "CVE-2016-9318",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-9318"
    },
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2016-10739",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2016-10739"
    },
    {
      "cve": "CVE-2017-0663",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-0663"
    },
    {
      "cve": "CVE-2017-7375",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-7375"
    },
    {
      "cve": "CVE-2017-7376",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-7376"
    },
    {
      "cve": "CVE-2017-9047",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. The variable len is assigned strlen(buf). If the content-\u003etype is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content-\u003eprefix is appended to buf (if it actually fits) whereupon (ii) content-\u003ename is written to the buffer. However, the check for whether the content-\u003ename actually fits also uses \u0027len\u0027 rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9047"
    },
    {
      "cve": "CVE-2017-9048",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9048"
    },
    {
      "cve": "CVE-2017-9049",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9049"
    },
    {
      "cve": "CVE-2017-9050",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-9050"
    },
    {
      "cve": "CVE-2017-15422",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-15422"
    },
    {
      "cve": "CVE-2017-16931",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a \u0027%\u0027 character in a DTD name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-16931"
    },
    {
      "cve": "CVE-2017-16932",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-16932"
    },
    {
      "cve": "CVE-2017-17512",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-17512"
    },
    {
      "cve": "CVE-2017-18258",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2017-18258"
    },
    {
      "cve": "CVE-2018-0495",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-0495"
    },
    {
      "cve": "CVE-2018-12886",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-12886"
    },
    {
      "cve": "CVE-2018-14404",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-14567",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-14567"
    },
    {
      "cve": "CVE-2018-18928",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-18928"
    },
    {
      "cve": "CVE-2018-19591",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-19591"
    },
    {
      "cve": "CVE-2018-20482",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user\u0027s process (e.g., a system backup running as root).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-20482"
    },
    {
      "cve": "CVE-2018-20843",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-20843"
    },
    {
      "cve": "CVE-2018-25032",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2019-3855",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3855"
    },
    {
      "cve": "CVE-2019-3856",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3856"
    },
    {
      "cve": "CVE-2019-3857",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3857"
    },
    {
      "cve": "CVE-2019-3858",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3858"
    },
    {
      "cve": "CVE-2019-3859",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3859"
    },
    {
      "cve": "CVE-2019-3860",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3860"
    },
    {
      "cve": "CVE-2019-3861",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3861"
    },
    {
      "cve": "CVE-2019-3862",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3862"
    },
    {
      "cve": "CVE-2019-3863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-3863"
    },
    {
      "cve": "CVE-2019-5018",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5018"
    },
    {
      "cve": "CVE-2019-5094",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5094"
    },
    {
      "cve": "CVE-2019-5188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5188"
    },
    {
      "cve": "CVE-2019-5435",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5435"
    },
    {
      "cve": "CVE-2019-5436",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5436"
    },
    {
      "cve": "CVE-2019-5443",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl \u003c= 7.65.1 automatically run the code (as an openssl \"engine\") on invocation. If that curl is invoked by a privileged user it can do anything it wants.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5443"
    },
    {
      "cve": "CVE-2019-5481",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5481"
    },
    {
      "cve": "CVE-2019-5482",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-5482"
    },
    {
      "cve": "CVE-2019-6109",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6109"
    },
    {
      "cve": "CVE-2019-6110",
      "cwe": {
        "id": "CWE-838",
        "name": "Inappropriate Encoding for Output Context"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6110"
    },
    {
      "cve": "CVE-2019-6111",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6111"
    },
    {
      "cve": "CVE-2019-6488",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-6488"
    },
    {
      "cve": "CVE-2019-7309",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-7309"
    },
    {
      "cve": "CVE-2019-8457",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-8457"
    },
    {
      "cve": "CVE-2019-9169",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9169"
    },
    {
      "cve": "CVE-2019-9636",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9636"
    },
    {
      "cve": "CVE-2019-9674",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9674"
    },
    {
      "cve": "CVE-2019-9740",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9740"
    },
    {
      "cve": "CVE-2019-9923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9923"
    },
    {
      "cve": "CVE-2019-9936",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9936"
    },
    {
      "cve": "CVE-2019-9937",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9937"
    },
    {
      "cve": "CVE-2019-9947",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9947"
    },
    {
      "cve": "CVE-2019-9948",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(\u0027local_file:///etc/passwd\u0027) call.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-9948"
    },
    {
      "cve": "CVE-2019-10160",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-10160"
    },
    {
      "cve": "CVE-2019-11360",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-11360"
    },
    {
      "cve": "CVE-2019-12290",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-12290"
    },
    {
      "cve": "CVE-2019-12900",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-12900"
    },
    {
      "cve": "CVE-2019-12904",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor\u0027s position is that the issue report cannot be validated because there is no description of an attack",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-12904"
    },
    {
      "cve": "CVE-2019-13057",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-13057"
    },
    {
      "cve": "CVE-2019-13565",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-13565"
    },
    {
      "cve": "CVE-2019-13627",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-13627"
    },
    {
      "cve": "CVE-2019-15847",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-15847"
    },
    {
      "cve": "CVE-2019-15903",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2019-16056",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-16056"
    },
    {
      "cve": "CVE-2019-16168",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-16168"
    },
    {
      "cve": "CVE-2019-16905",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-16905"
    },
    {
      "cve": "CVE-2019-17498",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17498"
    },
    {
      "cve": "CVE-2019-17543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17543"
    },
    {
      "cve": "CVE-2019-17594",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17594"
    },
    {
      "cve": "CVE-2019-17595",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-17595"
    },
    {
      "cve": "CVE-2019-18224",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-18224"
    },
    {
      "cve": "CVE-2019-18276",
      "cwe": {
        "id": "CWE-273",
        "name": "Improper Check for Dropped Privileges"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-18276"
    },
    {
      "cve": "CVE-2019-18348",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-18348"
    },
    {
      "cve": "CVE-2019-19126",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19126"
    },
    {
      "cve": "CVE-2019-19242",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19242"
    },
    {
      "cve": "CVE-2019-19244",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19244"
    },
    {
      "cve": "CVE-2019-19317",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19317"
    },
    {
      "cve": "CVE-2019-19603",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19603"
    },
    {
      "cve": "CVE-2019-19645",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19645"
    },
    {
      "cve": "CVE-2019-19646",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19646"
    },
    {
      "cve": "CVE-2019-19880",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19880"
    },
    {
      "cve": "CVE-2019-19906",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19906"
    },
    {
      "cve": "CVE-2019-19923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19923"
    },
    {
      "cve": "CVE-2019-19924",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19924"
    },
    {
      "cve": "CVE-2019-19925",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19925"
    },
    {
      "cve": "CVE-2019-19926",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19926"
    },
    {
      "cve": "CVE-2019-19956",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19956"
    },
    {
      "cve": "CVE-2019-19959",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-19959"
    },
    {
      "cve": "CVE-2019-20218",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20218"
    },
    {
      "cve": "CVE-2019-20367",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20367"
    },
    {
      "cve": "CVE-2019-20388",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20388"
    },
    {
      "cve": "CVE-2019-20795",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20795"
    },
    {
      "cve": "CVE-2019-20907",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-20907"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2019-1010022",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010022"
    },
    {
      "cve": "CVE-2019-1010023",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010023"
    },
    {
      "cve": "CVE-2019-1010024",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010024"
    },
    {
      "cve": "CVE-2019-1010025",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010025"
    },
    {
      "cve": "CVE-2019-1010180",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2019-1010180"
    },
    {
      "cve": "CVE-2020-1712",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-1712"
    },
    {
      "cve": "CVE-2020-1751",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-1751"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-6096",
      "cwe": {
        "id": "CWE-195",
        "name": "Signed to Unsigned Conversion Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \u0027num\u0027 parameter results in a signed comparison vulnerability. If an attacker underflows the \u0027num\u0027 parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-6096"
    },
    {
      "cve": "CVE-2020-7595",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-7595"
    },
    {
      "cve": "CVE-2020-8169",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.62.0 to and including  7.70.0 are vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8169"
    },
    {
      "cve": "CVE-2020-8177",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8177"
    },
    {
      "cve": "CVE-2020-8231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8231"
    },
    {
      "cve": "CVE-2020-8284",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8284"
    },
    {
      "cve": "CVE-2020-8285",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8285"
    },
    {
      "cve": "CVE-2020-8286",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.41.0 to and including  7.73.0 are vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. This vulnerability could allow an attacker to pass a revoked certificate as valid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8286"
    },
    {
      "cve": "CVE-2020-8315",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker\u0027s copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system\u0027s copy. Windows 8 and later are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8315"
    },
    {
      "cve": "CVE-2020-8492",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-8492"
    },
    {
      "cve": "CVE-2020-9327",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-9327"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-10531",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10531"
    },
    {
      "cve": "CVE-2020-10543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10543"
    },
    {
      "cve": "CVE-2020-10735",
      "cwe": {
        "id": "CWE-704",
        "name": "Incorrect Type Conversion or Cast"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10735"
    },
    {
      "cve": "CVE-2020-10878",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-10878"
    },
    {
      "cve": "CVE-2020-11501",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 \u0027\\0\u0027 bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-11501"
    },
    {
      "cve": "CVE-2020-11655",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object\u0027s initialization is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-11655"
    },
    {
      "cve": "CVE-2020-11656",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-11656"
    },
    {
      "cve": "CVE-2020-12062",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\u0027s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that \"this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol\" and \"utimes does not fail under normal circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12062"
    },
    {
      "cve": "CVE-2020-12243",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running (for details refer to the updated security manual of WinCC OA).",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12243"
    },
    {
      "cve": "CVE-2020-12723",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12723"
    },
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2020-13434",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13434"
    },
    {
      "cve": "CVE-2020-13435",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13435"
    },
    {
      "cve": "CVE-2020-13529",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13529"
    },
    {
      "cve": "CVE-2020-13630",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13630"
    },
    {
      "cve": "CVE-2020-13631",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13631"
    },
    {
      "cve": "CVE-2020-13632",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13632"
    },
    {
      "cve": "CVE-2020-13776",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13776"
    },
    {
      "cve": "CVE-2020-13777",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13777"
    },
    {
      "cve": "CVE-2020-13871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-13871"
    },
    {
      "cve": "CVE-2020-14145",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-14145"
    },
    {
      "cve": "CVE-2020-14422",
      "cwe": {
        "id": "CWE-682",
        "name": "Incorrect Calculation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-14422"
    },
    {
      "cve": "CVE-2020-15358",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15358"
    },
    {
      "cve": "CVE-2020-15523",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15523"
    },
    {
      "cve": "CVE-2020-15778",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of \"anomalous argument transfers\" because that could \"stand a great chance of breaking existing workflows.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15778"
    },
    {
      "cve": "CVE-2020-15801",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The \u003cexecutable-name\u003e._pth file (e.g., the python._pth file) is not affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-15801"
    },
    {
      "cve": "CVE-2020-19185",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19185"
    },
    {
      "cve": "CVE-2020-19186",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19186"
    },
    {
      "cve": "CVE-2020-19187",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19187"
    },
    {
      "cve": "CVE-2020-19188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19188"
    },
    {
      "cve": "CVE-2020-19189",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19189"
    },
    {
      "cve": "CVE-2020-19190",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19190"
    },
    {
      "cve": "CVE-2020-19909",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-19909"
    },
    {
      "cve": "CVE-2020-21047",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-21047"
    },
    {
      "cve": "CVE-2020-21913",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-21913"
    },
    {
      "cve": "CVE-2020-22218",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-22218"
    },
    {
      "cve": "CVE-2020-24659",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application\u0027s error handling path, where the gnutls_deinit function is called after detecting a handshake failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-24659"
    },
    {
      "cve": "CVE-2020-24977",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-24977"
    },
    {
      "cve": "CVE-2020-25692",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-25692"
    },
    {
      "cve": "CVE-2020-25709",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP\u2019s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-25709"
    },
    {
      "cve": "CVE-2020-25710",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-25710"
    },
    {
      "cve": "CVE-2020-26116",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-26116"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-28196",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-28196"
    },
    {
      "cve": "CVE-2020-29361",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29361"
    },
    {
      "cve": "CVE-2020-29362",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29362"
    },
    {
      "cve": "CVE-2020-29363",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29363"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2020-29573",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-29573"
    },
    {
      "cve": "CVE-2020-35525",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-35525"
    },
    {
      "cve": "CVE-2020-35527",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-35527"
    },
    {
      "cve": "CVE-2020-36221",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36221"
    },
    {
      "cve": "CVE-2020-36222",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36222"
    },
    {
      "cve": "CVE-2020-36223",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36223"
    },
    {
      "cve": "CVE-2020-36224",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36224"
    },
    {
      "cve": "CVE-2020-36225",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36225"
    },
    {
      "cve": "CVE-2020-36226",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36226"
    },
    {
      "cve": "CVE-2020-36227",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36227"
    },
    {
      "cve": "CVE-2020-36228",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36228"
    },
    {
      "cve": "CVE-2020-36229",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36229"
    },
    {
      "cve": "CVE-2020-36230",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2020-36230"
    },
    {
      "cve": "CVE-2021-3177",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3177"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3426",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in Python 3\u0027s pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3426"
    },
    {
      "cve": "CVE-2021-3516",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2\u0027s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3516"
    },
    {
      "cve": "CVE-2021-3517",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3517"
    },
    {
      "cve": "CVE-2021-3518",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3518"
    },
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3520"
    },
    {
      "cve": "CVE-2021-3537",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3537"
    },
    {
      "cve": "CVE-2021-3541",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3541"
    },
    {
      "cve": "CVE-2021-3580",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the way nettle\u0027s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3580"
    },
    {
      "cve": "CVE-2021-3733",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in urllib\u0027s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3733"
    },
    {
      "cve": "CVE-2021-3737",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3737"
    },
    {
      "cve": "CVE-2021-3826",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3826"
    },
    {
      "cve": "CVE-2021-3997",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3997"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-4122",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-4122"
    },
    {
      "cve": "CVE-2021-4189",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-4189"
    },
    {
      "cve": "CVE-2021-4209",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle\u0027s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-4209"
    },
    {
      "cve": "CVE-2021-20193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20193"
    },
    {
      "cve": "CVE-2021-20227",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in SQLite\u0027s SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20227"
    },
    {
      "cve": "CVE-2021-20231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20231"
    },
    {
      "cve": "CVE-2021-20232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20232"
    },
    {
      "cve": "CVE-2021-20305",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-20305"
    },
    {
      "cve": "CVE-2021-22876",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22876"
    },
    {
      "cve": "CVE-2021-22890",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22890"
    },
    {
      "cve": "CVE-2021-22897",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22897"
    },
    {
      "cve": "CVE-2021-22898",
      "cwe": {
        "id": "CWE-909",
        "name": "Missing Initialization of Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "**NOTE: CVE-2021-22898 is an incomplete fix (see https://hackerone.com/reports/1223882)! Check if affected products also have fixed CVE-22925 instead! Do not use CVE-2021-22898 in public advisories!**\r\n\r\ncurl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22898"
    },
    {
      "cve": "CVE-2021-22901",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22901"
    },
    {
      "cve": "CVE-2021-22922",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22922"
    },
    {
      "cve": "CVE-2021-22923",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user\u0027s expectations and intentions and without telling the user it happened.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22923"
    },
    {
      "cve": "CVE-2021-22924",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can set to qualify how to verify the server certificate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22924"
    },
    {
      "cve": "CVE-2021-22925",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server. Therefore potentially revealing sensitive internal information to the server using a clear-text network protocol. This could happen because curl did not call and use sscanf() correctly when parsing the string provided by the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22925"
    },
    {
      "cve": "CVE-2021-22926",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22926"
    },
    {
      "cve": "CVE-2021-22945",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending data to an MQTT server, libcurl \u003c= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22945"
    },
    {
      "cve": "CVE-2021-22946",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22946"
    },
    {
      "cve": "CVE-2021-22947",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003e= 7.20.0 and \u003c= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker\u0027s injected data comes from the TLS-protected server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-22947"
    },
    {
      "cve": "CVE-2021-23336",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-23336"
    },
    {
      "cve": "CVE-2021-27212",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27212"
    },
    {
      "cve": "CVE-2021-27218",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27218"
    },
    {
      "cve": "CVE-2021-27219",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27219"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28041",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28041"
    },
    {
      "cve": "CVE-2021-28153",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28153"
    },
    {
      "cve": "CVE-2021-28363",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn\u0027t given via proxy_config) doesn\u0027t verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28363"
    },
    {
      "cve": "CVE-2021-28861",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states \"Warning: http.server is not recommended for production. It only implements basic security checks.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-28861"
    },
    {
      "cve": "CVE-2021-31239",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue found in SQLite SQLite3 v.3.35.4 that could allow a remote attacker to cause a denial of service via the appendvfs.c function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-31239"
    },
    {
      "cve": "CVE-2021-32292",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-32292"
    },
    {
      "cve": "CVE-2021-33294",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33294"
    },
    {
      "cve": "CVE-2021-33560",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33560"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-33910",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The use of alloca function with an uncontrolled size in function unit_name_path_escape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-33910"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-36084",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36084"
    },
    {
      "cve": "CVE-2021-36085",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36085"
    },
    {
      "cve": "CVE-2021-36086",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36086"
    },
    {
      "cve": "CVE-2021-36087",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36087"
    },
    {
      "cve": "CVE-2021-36222",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36222"
    },
    {
      "cve": "CVE-2021-36690",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-36690"
    },
    {
      "cve": "CVE-2021-37600",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-37600"
    },
    {
      "cve": "CVE-2021-37750",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-37750"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-43396",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-43396"
    },
    {
      "cve": "CVE-2021-43618",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-43618"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45960",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-45960"
    },
    {
      "cve": "CVE-2021-46143",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46143"
    },
    {
      "cve": "CVE-2021-46195",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46195"
    },
    {
      "cve": "CVE-2021-46828",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46828"
    },
    {
      "cve": "CVE-2021-46848",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2021-46848"
    },
    {
      "cve": "CVE-2022-0391",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like \u0027\\r\u0027 and \u0027\\n\u0027 in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-0391"
    },
    {
      "cve": "CVE-2022-0563",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-0563"
    },
    {
      "cve": "CVE-2022-0778",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The BN_mod_sqrt() function in openSSL, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-1271",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An arbitrary file write vulnerability was found in GNU gzip\u0027s zgrep utility. When zgrep is applied on the attacker\u0027s chosen file name (for example, a crafted file name), this can overwrite an attacker\u0027s content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1304",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1304"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2509",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-2509"
    },
    {
      "cve": "CVE-2022-3715",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-3715"
    },
    {
      "cve": "CVE-2022-3821",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-3821"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable the use of RSA ciphers in the web server configuration; note that RSA ciphers are disabled by default",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not import or configure certificate files in PEM format from untrusted sources",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-22576",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-22822",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22822"
    },
    {
      "cve": "CVE-2022-22823",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22823"
    },
    {
      "cve": "CVE-2022-22824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22824"
    },
    {
      "cve": "CVE-2022-22825",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22825"
    },
    {
      "cve": "CVE-2022-22826",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22826"
    },
    {
      "cve": "CVE-2022-22827",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-22827"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-23308",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23308"
    },
    {
      "cve": "CVE-2022-23852",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23852"
    },
    {
      "cve": "CVE-2022-23990",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-23990"
    },
    {
      "cve": "CVE-2022-24407",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-24407"
    },
    {
      "cve": "CVE-2022-25235",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25235"
    },
    {
      "cve": "CVE-2022-25236",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2022-25313",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25313"
    },
    {
      "cve": "CVE-2022-25314",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25314"
    },
    {
      "cve": "CVE-2022-25315",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-25315"
    },
    {
      "cve": "CVE-2022-26488",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-26488"
    },
    {
      "cve": "CVE-2022-27774",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27775",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27775"
    },
    {
      "cve": "CVE-2022-27776",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27778",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27778"
    },
    {
      "cve": "CVE-2022-27779",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27779"
    },
    {
      "cve": "CVE-2022-27780",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27780"
    },
    {
      "cve": "CVE-2022-27781",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-27943",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-27943"
    },
    {
      "cve": "CVE-2022-28321",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn\u0027t correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-28321"
    },
    {
      "cve": "CVE-2022-29155",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-29155"
    },
    {
      "cve": "CVE-2022-29824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-29824"
    },
    {
      "cve": "CVE-2022-30115",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-30115"
    },
    {
      "cve": "CVE-2022-32205",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32205"
    },
    {
      "cve": "CVE-2022-32206",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32207",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32207"
    },
    {
      "cve": "CVE-2022-32208",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-35252",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-35260",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-35260"
    },
    {
      "cve": "CVE-2022-35737",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-35737"
    },
    {
      "cve": "CVE-2022-37434",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-40303",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-40303"
    },
    {
      "cve": "CVE-2022-40304",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-40304"
    },
    {
      "cve": "CVE-2022-40674",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-40674"
    },
    {
      "cve": "CVE-2022-42898",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-42898"
    },
    {
      "cve": "CVE-2022-42915",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-42915"
    },
    {
      "cve": "CVE-2022-42916",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-42916"
    },
    {
      "cve": "CVE-2022-43551",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in curl \u003c7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop U+002E (.). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-43551"
    },
    {
      "cve": "CVE-2022-43552",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-43680",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-43680"
    },
    {
      "cve": "CVE-2022-45061",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-45061"
    },
    {
      "cve": "CVE-2022-45873",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-45873"
    },
    {
      "cve": "CVE-2022-46908",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-46908"
    },
    {
      "cve": "CVE-2022-48303",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-48303"
    },
    {
      "cve": "CVE-2022-48522",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-48522"
    },
    {
      "cve": "CVE-2022-48560",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free exists in Python through 3.9 via heappushpop in heapq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2022-48560"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable CRL (certification revocation list) checking, if possible",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0361",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0361"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\r\nimplicitly enable the certificate policy check when doing certificate\r\nverification. However the implementation of the function does not\r\nenable the check which allows certificates with invalid or incorrect\r\npolicies to pass the certificate verification.\r\n\r\nAs suddenly enabling the policy check could break existing deployments it was\r\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\r\nfunction.\r\n\r\nInstead the applications that require OpenSSL to perform certificate\r\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\r\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\r\nthe X509_V_FLAG_POLICY_CHECK flag argument.\r\n\r\nCertificate policy checks are disabled by default in OpenSSL and are not\r\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0687",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It\u0027s basically trusted input or input that needs an actual security flaw to be compromised or controlled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-0687"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2650",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-2650"
    },
    {
      "cve": "CVE-2023-2953",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3212",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3212"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3817",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-3817"
    },
    {
      "cve": "CVE-2023-4016",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under some circumstances, this weakness allows a user who has access to run the \u201cps\u201d utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4016"
    },
    {
      "cve": "CVE-2023-4039",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4039"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4807",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4807"
    },
    {
      "cve": "CVE-2023-4813",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4813"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-5981",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-5981"
    },
    {
      "cve": "CVE-2023-6121",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6817",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6817"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-23914",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-23914"
    },
    {
      "cve": "CVE-2023-23915",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-23915"
    },
    {
      "cve": "CVE-2023-23916",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-23916"
    },
    {
      "cve": "CVE-2023-24329",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-24329"
    },
    {
      "cve": "CVE-2023-25136",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states \"remote code execution is theoretically possible.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-25136"
    },
    {
      "cve": "CVE-2023-25139",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-25139"
    },
    {
      "cve": "CVE-2023-26604",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-26604"
    },
    {
      "cve": "CVE-2023-27371",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more \u0027\\0\u0027 bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27371"
    },
    {
      "cve": "CVE-2023-27533",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27537",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27537"
    },
    {
      "cve": "CVE-2023-27538",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-28484",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-28484"
    },
    {
      "cve": "CVE-2023-29383",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29383"
    },
    {
      "cve": "CVE-2023-29469",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the \u0027\\0\u0027 value).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29469"
    },
    {
      "cve": "CVE-2023-29491",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29491"
    },
    {
      "cve": "CVE-2023-29499",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-29499"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-32611",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32611"
    },
    {
      "cve": "CVE-2023-32636",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32636"
    },
    {
      "cve": "CVE-2023-32643",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32643"
    },
    {
      "cve": "CVE-2023-32665",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running. Note that this is the default configuration, which therefore limits the exploitability to local attacks only.",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-32665"
    },
    {
      "cve": "CVE-2023-34319",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The fix for XSA-423 added logic to Linux\u0027es netback driver to deal with\na frontend splitting a packet in a way such that not all of the headers\nwould come in one piece.  Unfortunately the logic introduced there\ndidn\u0027t account for the extreme case of the entire packet being split\ninto as many pieces as permitted by the protocol, yet still being\nsmaller than the area that\u0027s specially dealt with to keep all (possible)\nheaders together.  Such an unusual packet would therefore trigger a\nbuffer overrun in the driver.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-34319"
    },
    {
      "cve": "CVE-2023-34969",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-34969"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35945",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u2019s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-35945"
    },
    {
      "cve": "CVE-2023-38408",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-39128",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39128"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-39615",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-39615"
    },
    {
      "cve": "CVE-2023-40283",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-40283"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45322",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor\u0027s position is \"I don\u0027t think these issues are critical enough to warrant a CVE ID ... because an attacker typically can\u0027t control when memory allocations fail.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45322"
    },
    {
      "cve": "CVE-2023-45853",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45853"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-45898",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45898"
    },
    {
      "cve": "CVE-2023-45918",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-45918"
    },
    {
      "cve": "CVE-2023-46862",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-46862"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2023-52444",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() ... if (old_dir != new_dir \u0026\u0026 !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0); You want correct inumber in the \"..\" link. And cross-directory rename does move the source to new parent, even if you\u0027d been asked to leave a whiteout in the old place. [1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ With below testcase, it may cause dirent corruption, due to it missed to call f2fs_set_link() to update \"..\" link to new directory. - mkdir -p dir/foo - renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) --\u003e Bad inode number[0x4] for \u0027..\u0027, parent parent ino is [0x3] [FSCK] other corrupted bugs [Fail]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52444"
    },
    {
      "cve": "CVE-2023-52464",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function \u0027thunderx_ocx_com_threaded_isr\u0027: drivers/edac/thunderx_edac.c:1136:17: error: \u0027strncat\u0027 specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52464"
    },
    {
      "cve": "CVE-2023-52612",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req-\u003edst buffer overflow The req-\u003edst buffer size should be checked before copying from the scomp_scratch-\u003edst to avoid req-\u003edst buffer overflow problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52612"
    },
    {
      "cve": "CVE-2023-52622",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52622"
    },
    {
      "cve": "CVE-2023-52675",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52675"
    },
    {
      "cve": "CVE-2023-52699",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sysv: don\u0027t call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A \"write_lock(\u0026pointers_lock) =\u003e read_lock(\u0026pointers_lock) deadlock\" bug and a \"sb_bread() with write_lock(\u0026pointers_lock)\" bug were introduced by \"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12. Then, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the former bug by moving pointers_lock lock to the callers, but instead introduced a \"sb_bread() with read_lock(\u0026pointers_lock)\" bug (which made this problem easier to hit). Al Viro suggested that why not to do like get_branch()/get_block()/ find_shared() in Minix filesystem does. And doing like that is almost a revert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch() from with find_shared() is called without write_lock(\u0026pointers_lock).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2023-52699"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-2004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled.      curl --proto -all,-http http://curl.se  The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2004"
    },
    {
      "cve": "CVE-2024-2236",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2236"
    },
    {
      "cve": "CVE-2024-2379",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2379"
    },
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory.  Further, this error condition fails silently and is therefore not easily detected by an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-2466",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS.  libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2466"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-5742",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-5742"
    },
    {
      "cve": "CVE-2024-6409",
      "cwe": {
        "id": "CWE-364",
        "name": "Signal Handler Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition vulnerability was discovered in how signals are handled by OpenSSH\u0027s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd\u0027s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-6409"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-8096",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than \u0027revoked\u0027 (like for example \u0027unauthorized\u0027) it is not treated as a bad certficate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-8096"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-26645",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26645"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26671"
    },
    {
      "cve": "CVE-2024-26679",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26679"
    },
    {
      "cve": "CVE-2024-26772",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26772"
    },
    {
      "cve": "CVE-2024-26773",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26773"
    },
    {
      "cve": "CVE-2024-26777",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26777"
    },
    {
      "cve": "CVE-2024-26805",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26805"
    },
    {
      "cve": "CVE-2024-26835",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26835"
    },
    {
      "cve": "CVE-2024-26863",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26863"
    },
    {
      "cve": "CVE-2024-26878",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26878"
    },
    {
      "cve": "CVE-2024-26880",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26880"
    },
    {
      "cve": "CVE-2024-26898",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26898"
    },
    {
      "cve": "CVE-2024-26901",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26901"
    },
    {
      "cve": "CVE-2024-26923",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26923"
    },
    {
      "cve": "CVE-2024-26957",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26957"
    },
    {
      "cve": "CVE-2024-26973",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-26973"
    },
    {
      "cve": "CVE-2024-27020",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27020"
    },
    {
      "cve": "CVE-2024-27032",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 and only FAULT_BLOCK fault type is on, it may encounter deadloop in loop of block reservation. Let\u0027s change as below to fix these issues: - remove bug_on() to avoid panic. - limit the loop count of block reservation to avoid potential deadloop.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27032"
    },
    {
      "cve": "CVE-2024-27065",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27065"
    },
    {
      "cve": "CVE-2024-27074",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-27074"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync.  This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28757",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-28834",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-28835",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-28835"
    },
    {
      "cve": "CVE-2024-33621",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-33621"
    },
    {
      "cve": "CVE-2024-34459",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-34459"
    },
    {
      "cve": "CVE-2024-35807",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35807"
    },
    {
      "cve": "CVE-2024-35809",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35809"
    },
    {
      "cve": "CVE-2024-35830",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35830"
    },
    {
      "cve": "CVE-2024-35888",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb-\u003ehead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35888"
    },
    {
      "cve": "CVE-2024-35910",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test a patch I wrote two years ago. When TCP sockets are closed, we call inet_csk_clear_xmit_timers() to \u0027stop\u0027 the timers. inet_csk_clear_xmit_timers() can be called from any context, including when socket lock is held. This is the reason it uses sk_stop_timer(), aka del_timer(). This means that ongoing timers might finish much later. For user sockets, this is fine because each running timer holds a reference on the socket, and the user socket holds a reference on the netns. For kernel sockets, we risk that the netns is freed before timer can complete, because kernel sockets do not hold reference on the netns. This patch adds inet_csk_clear_xmit_timers_sync() function that using sk_stop_timer_sync() to make sure all timers are terminated before the kernel socket is released. Modules using kernel sockets close them in their netns exit() handler. Also add sock_not_owned_by_me() helper to get LOCKDEP support : inet_csk_clear_xmit_timers_sync() must not be called while socket lock is held. It is very possible we can revert in the future commit 3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\") which attempted to solve the issue in rds only. (net/smc/af_smc.c and net/mptcp/subflow.c have similar code) We probably can remove the check_net() tests from tcp_out_of_resources() and __tcp_close() in the future.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35910"
    },
    {
      "cve": "CVE-2024-35925",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "block: prevent division by zero in blk_rq_stat_sum()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35925"
    },
    {
      "cve": "CVE-2024-35944",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-35944"
    },
    {
      "cve": "CVE-2024-36017",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36017"
    },
    {
      "cve": "CVE-2024-36286",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36286"
    },
    {
      "cve": "CVE-2024-36484",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36484"
    },
    {
      "cve": "CVE-2024-36904",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36904"
    },
    {
      "cve": "CVE-2024-36905",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36905"
    },
    {
      "cve": "CVE-2024-36934",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-36934"
    },
    {
      "cve": "CVE-2024-37356",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-37356"
    },
    {
      "cve": "CVE-2024-38596",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38596"
    },
    {
      "cve": "CVE-2024-38598",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38598"
    },
    {
      "cve": "CVE-2024-38612",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38612"
    },
    {
      "cve": "CVE-2024-38621",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The -\u003elength is the length of the buffer. The -\u003ebytesused is how many bytes we have copied thus far. When the condition is reversed that means the result of the subtraction is always negative but since it\u0027s unsigned then the result is a very high positive value. That means the overflow check is never true. Additionally, the -\u003ebytesused doesn\u0027t actually work for this purpose because we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the math to calculate the destination where we are writing is a bit involved. You calculate the number of full lines already written, multiply by two, skip a line if necessary so that we start on an odd numbered line, and add the offset into the line. To fix this buffer overflow, just take the actual destination where we are writing, if the offset is already out of bounds print an error and return. Otherwise, write up to buf-\u003elength bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38621"
    },
    {
      "cve": "CVE-2024-38780",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-38780"
    },
    {
      "cve": "CVE-2024-39292",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39292"
    },
    {
      "cve": "CVE-2024-39469",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfs_check_folio() fails, it will falsely determine the directory as empty and corrupt the file system. In addition, since nilfs_empty_dir() does not immediately return on a failed folio/page read, but continues to loop, this can cause a long loop with I/O if i_size of the directory\u0027s inode is also corrupted, causing the log writer thread to wait and hang, as reported by syzbot. Fix these issues by making nilfs_empty_dir() immediately return a false value (0) if it fails to get a directory folio/page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39469"
    },
    {
      "cve": "CVE-2024-39487",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39487"
    },
    {
      "cve": "CVE-2024-39489",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-39489"
    },
    {
      "cve": "CVE-2024-40901",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-40901"
    },
    {
      "cve": "CVE-2024-40959",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-40959"
    },
    {
      "cve": "CVE-2024-41046",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-41046"
    },
    {
      "cve": "CVE-2024-42070",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42070"
    },
    {
      "cve": "CVE-2024-42096",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42096"
    },
    {
      "cve": "CVE-2024-42106",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42106"
    },
    {
      "cve": "CVE-2024-42131",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. So when converting dirty limits from ratios to numbers of pages, we just don\u0027t allow the result to exceed UINT_MAX. This is root-only triggerable problem which occurs when the operator sets dirty limits to \u003e16 TB.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42131"
    },
    {
      "cve": "CVE-2024-42154",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don\u0027t see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn\u0027t have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-42154"
    },
    {
      "cve": "CVE-2024-43871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-43871"
    },
    {
      "cve": "CVE-2024-44944",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-44944"
    },
    {
      "cve": "CVE-2024-44965",
      "cwe": {
        "id": "CWE-229",
        "name": "Improper Handling of Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack guard. It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386. These assumptions can cause the end condition to malfunction, leading to a \u0027short\u0027 clone. Guess what happens when the user mapping has a short copy of the entry text? Use the correct increment form for addr to avoid alignment assumptions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-44965"
    },
    {
      "cve": "CVE-2024-46743",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-46743"
    },
    {
      "cve": "CVE-2024-46745",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request. Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-46745"
    },
    {
      "cve": "CVE-2024-46750",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-46750"
    },
    {
      "cve": "CVE-2024-47684",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: check skb is non-NULL in tcp_rto_delta_us()\r\n\r\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\r\nkernel that are running ceph and recently hit a null ptr dereference in\r\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\r\nsaw it getting hit from the RACK case as well. Here are examples of the oops\r\nmessages we saw in each of those cases:\r\n\r\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\r\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\r\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\r\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\r\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\r\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\r\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\r\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\r\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\r\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\r\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\r\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\r\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\r\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\r\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\r\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\r\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\r\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\r\nJul 26 15:05:02 rx [11061395.919488]\r\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\r\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\r\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\r\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\r\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\r\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\r\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\r\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\r\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\r\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\r\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\r\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\r\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\r\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\r\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\r\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\r\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\r\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\r\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\r\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\r\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47684"
    },
    {
      "cve": "CVE-2024-47701",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47701"
    },
    {
      "cve": "CVE-2024-47707",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ipv6: A NULL dereference vulnerability may occur in rt6_uncached_list_flush_dev() due to the necessary check being removed by a previous commit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47707"
    },
    {
      "cve": "CVE-2024-47737",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-47737"
    },
    {
      "cve": "CVE-2024-48881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-48881"
    },
    {
      "cve": "CVE-2024-49881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49881"
    },
    {
      "cve": "CVE-2024-49884",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49884"
    },
    {
      "cve": "CVE-2024-49948",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49948"
    },
    {
      "cve": "CVE-2024-49949",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49949"
    },
    {
      "cve": "CVE-2024-49952",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49952"
    },
    {
      "cve": "CVE-2024-49982",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put() instead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs into use-after-free. Then Nicolai Stange found more places in aoe have potential use-after-free problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe() and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push packet to tx queue. So they should also use dev_hold() to increase the refcnt of skb-\u003edev. On the other hand, moving dev_put() to tx() causes that the refcnt of skb-\u003edev be reduced to a negative value, because corresponding dev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(), probe(), and aoecmd_cfg_rsp(). This patch fixed this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49982"
    },
    {
      "cve": "CVE-2024-49997",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-49997"
    },
    {
      "cve": "CVE-2024-50006",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50006"
    },
    {
      "cve": "CVE-2024-50040",
      "cwe": {
        "id": "CWE-390",
        "name": "Detection of Error Condition Without Action"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50040"
    },
    {
      "cve": "CVE-2024-50045",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50045"
    },
    {
      "cve": "CVE-2024-50251",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50251"
    },
    {
      "cve": "CVE-2024-50262",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50262"
    },
    {
      "cve": "CVE-2024-50299",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50299"
    },
    {
      "cve": "CVE-2024-50301",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50301"
    },
    {
      "cve": "CVE-2024-50602",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-52332",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-52332"
    },
    {
      "cve": "CVE-2024-52533",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\\\0\u0027 character.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-52533"
    },
    {
      "cve": "CVE-2024-53057",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53057"
    },
    {
      "cve": "CVE-2024-53124",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: fix data-races around sk sk_forward_alloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53124"
    },
    {
      "cve": "CVE-2024-53140",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual dump helper, keeps getting called until it returns 0 - done - (optional) pairs with .start, can be used for cleanup The whole process is asynchronous and the repeated calls to .dump don\u0027t actually happen in a tight loop, but rather are triggered in response to recvmsg() on the socket. This gives the user full control over the dump, but also means that the user can close the socket without getting to the end of the dump. To make sure .start is always paired with .done we check if there is an ongoing dump before freeing the socket, and if so call .done. The complication is that sockets can get freed from BH and .done is allowed to sleep. So we use a workqueue to defer the call, when needed. Unfortunately this does not work correctly. What we defer is not the cleanup but rather releasing a reference on the socket. We have no guarantee that we own the last reference, if someone else holds the socket they may release it in BH and we\u0027re back to square one. The whole dance, however, appears to be unnecessary. Only the user can interact with dumps, so we can clean up when socket is closed. And close always happens in process context. Some async code may still access the socket after close, queue notification skbs to it etc. but no dumps can start, end or otherwise make progress. Delete the workqueue and flush the dump state directly from the release handler. Note that further cleanup is possible in -next, for instance we now always call .done before releasing the main module reference, so dump doesn\u0027t have to take a reference of its own.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53140"
    },
    {
      "cve": "CVE-2024-53164",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-\u003eq.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53164"
    },
    {
      "cve": "CVE-2024-53165",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever removing it from intc_list which would lead to a use after free. To fix this, let\u0027s only add it to the list after everything has succeeded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53165"
    },
    {
      "cve": "CVE-2024-53217",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-53217"
    },
    {
      "cve": "CVE-2024-56433",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56433"
    },
    {
      "cve": "CVE-2024-56569",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo \"write*:mod:ext3\" \u003e /sys/kernel/tracing/stack_trace_filter The current mod command causes a null pointer dereference. While commit 0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56569"
    },
    {
      "cve": "CVE-2024-56570",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56570"
    },
    {
      "cve": "CVE-2024-56600",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the sock sk pointer on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56600"
    },
    {
      "cve": "CVE-2024-56601",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling pointer, which may create use-after-free later. Clear the sk pointer in the sock object on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56601"
    },
    {
      "cve": "CVE-2024-56606",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and cause use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56606"
    },
    {
      "cve": "CVE-2024-56644",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is executed for an expired IPv6 route located in the exception table.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56644"
    },
    {
      "cve": "CVE-2024-56650",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56650"
    },
    {
      "cve": "CVE-2024-56770",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/sched: netem: The interface fully stops transferring packets and \"locks\". In this case, the child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at its limit and no more packets are accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56770"
    },
    {
      "cve": "CVE-2024-56779",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur\r\n\r\nThe action force umount(umount -f) will attempt to kill all rpc_task even\r\numount operation may ultimately fail if some files remain open.\r\nConsequently, if an action attempts to open a file, it can potentially\r\nsend two rpc_task to nfs server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56779"
    },
    {
      "cve": "CVE-2024-56780",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-56780"
    },
    {
      "cve": "CVE-2024-57884",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim()\r\n\r\nThe task sometimes continues looping in throttle_direct_reclaim() because\r\nallow_direct_reclaim(pgdat) keeps returning false.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-57884"
    },
    {
      "cve": "CVE-2024-57901",
      "cwe": {
        "id": "CWE-664",
        "name": "Improper Control of a Resource Through its Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: vlan_get_protocol_dgram() vs MSG_PEEK Blamed allowing a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2024-57901"
    },
    {
      "cve": "CVE-2025-0167",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry that omits both login and password. A rare circumstance.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0167"
    },
    {
      "cve": "CVE-2025-0395",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0395"
    },
    {
      "cve": "CVE-2025-0665",
      "cwe": {
        "id": "CWE-1341",
        "name": "Multiple Releases of Same Resource or Handle"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0665"
    },
    {
      "cve": "CVE-2025-0725",
      "cwe": {
        "id": "CWE-680",
        "name": "Integer Overflow to Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-0725"
    },
    {
      "cve": "CVE-2025-1390",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PAM module pam_cap.so of libcap configuration supports group names starting with \u201c@\u201d, during actual parsing, configurations not starting with \u201c@\u201d are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-1390"
    },
    {
      "cve": "CVE-2025-3277",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow can be triggered in SQLite\u0027s \u0027concat_ws()\u0027 function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be triggered. This can result in arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-3277"
    },
    {
      "cve": "CVE-2025-3360",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "1. Describe what is the vulnerability about, e.g.:\n    Affected devices do not properly validate input in the hack-me endpoint of the web service.\n\n    2. Describe what an attacker could do with it - e.g.:\n    This could allow an unauthenticated remote attacker to execute arbitrary code on the device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-3360"
    },
    {
      "cve": "CVE-2025-21694",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "fs/proc: softlockup in __read_vmcore",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-21694"
    },
    {
      "cve": "CVE-2025-26466",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-26466"
    },
    {
      "cve": "CVE-2025-29087",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-29087"
    },
    {
      "cve": "CVE-2025-29088",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in sqlite allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-29088"
    },
    {
      "cve": "CVE-2025-32728",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "title": "CVE-2025-32728"
    }
  ]
}

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - BIOS and recommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-831302.html"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-831302.txt"
      }
    ],
    "title": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0",
    "tracking": {
      "current_release_date": "2024-04-09T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-831302",
      "initial_release_date": "2023-06-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2023-06-13T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2023-09-12T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2022-1015, CVE-2023-2898, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-4004, CVE-2023-4015, CVE-2023-4128, CVE-2023-4147, CVE-2023-4273"
        },
        {
          "date": "2023-11-14T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5156"
        },
        {
          "date": "2023-12-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2021-44879, CVE-2023-45863"
        },
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added fix for SIMATIC S7-1500 TM MFP - BIOS"
        }
      ],
      "status": "interim",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.3.0",
                "product": {
                  "name": "SIMATIC S7-1500 TM MFP - BIOS",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP - BIOS"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-20269",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-20269"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28831",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-28831"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-42373",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference in Busybox\u0027s man applet leads to denial of service when a section name is supplied but no page argument is given.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42373"
    },
    {
      "cve": "CVE-2021-42374",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds heap read in Busybox\u0027s unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42374"
    },
    {
      "cve": "CVE-2021-42375",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect handling of a special element in Busybox\u0027s ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42375"
    },
    {
      "cve": "CVE-2021-42376",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference in Busybox\u0027s hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \\x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42376"
    },
    {
      "cve": "CVE-2021-42377",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker-controlled pointer free in Busybox\u0027s hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the \u0026\u0026\u0026 string. This may be used for remote code execution under rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42377"
    },
    {
      "cve": "CVE-2021-42378",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42378"
    },
    {
      "cve": "CVE-2021-42379",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42379"
    },
    {
      "cve": "CVE-2021-42380",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42380"
    },
    {
      "cve": "CVE-2021-42381",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42381"
    },
    {
      "cve": "CVE-2021-42382",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42382"
    },
    {
      "cve": "CVE-2021-42383",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42383"
    },
    {
      "cve": "CVE-2021-42384",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42384"
    },
    {
      "cve": "CVE-2021-42385",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42385"
    },
    {
      "cve": "CVE-2021-42386",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-42386"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-1015",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1015"
    },
    {
      "cve": "CVE-2022-1882",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1882"
    },
    {
      "cve": "CVE-2022-2585",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2585"
    },
    {
      "cve": "CVE-2022-2588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2905",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-2905"
    },
    {
      "cve": "CVE-2022-3028",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3435",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3435"
    },
    {
      "cve": "CVE-2022-3586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-4378",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4378"
    },
    {
      "cve": "CVE-2022-4662",
      "cwe": {
        "id": "CWE-455",
        "name": "Non-exit on Failed Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-20421",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20421"
    },
    {
      "cve": "CVE-2022-20422",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-20422"
    },
    {
      "cve": "CVE-2022-21233",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-21233"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-28391",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-28391"
    },
    {
      "cve": "CVE-2022-30065",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-30065"
    },
    {
      "cve": "CVE-2022-39188",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39190",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-39190"
    },
    {
      "cve": "CVE-2022-40307",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-41222",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-41222"
    },
    {
      "cve": "CVE-2022-42703",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2023-0179",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0179"
    },
    {
      "cve": "CVE-2023-0394",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0394"
    },
    {
      "cve": "CVE-2023-1073",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory corruption flaw was found in the Linux kernel\u2019s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-1073"
    },
    {
      "cve": "CVE-2023-2898",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-2898"
    },
    {
      "cve": "CVE-2023-3390",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in the Linux kernel\u0027s netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit\u00a01240eb93f0616b21c675416516ff3d74798fdc97.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3390"
    },
    {
      "cve": "CVE-2023-3610",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3610"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3776",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-3776"
    },
    {
      "cve": "CVE-2023-4004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4015"
    },
    {
      "cve": "CVE-2023-4128",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4128"
    },
    {
      "cve": "CVE-2023-4147",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u2019s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID allows a local user to crash or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4147"
    },
    {
      "cve": "CVE-2023-4273",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4273"
    },
    {
      "cve": "CVE-2023-4527",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4527"
    },
    {
      "cve": "CVE-2023-4806",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4806"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-31248",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-31248"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-1085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1085"
    },
    {
      "name": "CVE-2023-3006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
    },
    {
      "name": "CVE-2023-46838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46838"
    },
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2023-51782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51782"
    },
    {
      "name": "CVE-2023-2002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
    },
    {
      "name": "CVE-2024-26597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26597"
    },
    {
      "name": "CVE-2024-24855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2023-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
    },
    {
      "name": "CVE-2023-23000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23000"
    },
    {
      "name": "CVE-2023-51779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
    },
    {
      "name": "CVE-2024-0607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0607"
    },
    {
      "name": "CVE-2024-26599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26599"
    },
    {
      "name": "CVE-2023-46862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46862"
    },
    {
      "name": "CVE-2024-0775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0775"
    },
    {
      "name": "CVE-2023-51781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51781"
    },
    {
      "name": "CVE-2023-51780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
    },
    {
      "name": "CVE-2023-22995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22995"
    },
    {
      "name": "CVE-2023-32247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32247"
    },
    {
      "name": "CVE-2023-34256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34256"
    },
    {
      "name": "CVE-2023-23004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23004"
    },
    {
      "name": "CVE-2023-4132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
    },
    {
      "name": "CVE-2023-4134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4134"
    },
    {
      "name": "CVE-2024-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
    },
    {
      "name": "CVE-2024-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
    },
    {
      "name": "CVE-2023-39197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39197"
    },
    {
      "name": "CVE-2023-6121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
    }
  ],
  "initial_release_date": "2024-03-29T00:00:00",
  "last_revision_date": "2024-03-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0263",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-03-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6707-4 du 28 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6707-4"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6701-3 du 25 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6701-3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6707-3 du 25 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6707-3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6686-5 du 27 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6686-5"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6704-3 du 25 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6704-3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6716-1 du 25 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6716-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6704-4 du 28 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6704-4"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.3",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE CaaS Platform 4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud Crowbar 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.0",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.0",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "HPE Helion Openstack 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.0",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud Crowbar 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.0",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2022-28356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28356"
    },
    {
      "name": "CVE-2022-23037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23037"
    },
    {
      "name": "CVE-2022-23042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23042"
    },
    {
      "name": "CVE-2022-0644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0644"
    },
    {
      "name": "CVE-2022-23036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23036"
    },
    {
      "name": "CVE-2022-27666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27666"
    },
    {
      "name": "CVE-2022-1016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
    },
    {
      "name": "CVE-2022-23038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23038"
    },
    {
      "name": "CVE-2022-0487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0487"
    },
    {
      "name": "CVE-2022-26966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26966"
    },
    {
      "name": "CVE-2022-0886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0886"
    },
    {
      "name": "CVE-2022-0854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
    },
    {
      "name": "CVE-2022-1048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1048"
    },
    {
      "name": "CVE-2022-0812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0812"
    },
    {
      "name": "CVE-2022-0516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0516"
    },
    {
      "name": "CVE-2022-23039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23039"
    },
    {
      "name": "CVE-2022-23040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23040"
    },
    {
      "name": "CVE-2021-39713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39713"
    },
    {
      "name": "CVE-2021-45868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45868"
    },
    {
      "name": "CVE-2022-23041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23041"
    },
    {
      "name": "CVE-2022-25258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25258"
    },
    {
      "name": "CVE-2022-24958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24958"
    },
    {
      "name": "CVE-2022-28748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28748"
    },
    {
      "name": "CVE-2022-26490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
    },
    {
      "name": "CVE-2022-24448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
    },
    {
      "name": "CVE-2022-0492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
    },
    {
      "name": "CVE-2022-1055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1055"
    },
    {
      "name": "CVE-2021-0920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
    },
    {
      "name": "CVE-2022-28388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
    },
    {
      "name": "CVE-2022-28389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28389"
    },
    {
      "name": "CVE-2021-39698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39698"
    },
    {
      "name": "CVE-2022-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
    },
    {
      "name": "CVE-2022-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0850"
    },
    {
      "name": "CVE-2022-25375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25375"
    },
    {
      "name": "CVE-2022-28390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28390"
    },
    {
      "name": "CVE-2022-24959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24959"
    }
  ],
  "initial_release_date": "2022-04-20T00:00:00",
  "last_revision_date": "2022-04-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-362",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221256-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221256-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221269-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221269-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221257-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221267-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221267-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221270-1 du 20 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221270-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221268-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221268-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221255-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221255-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221266-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221266-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20221261-1 du 19 avril 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221261-1/"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-30594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
    },
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2022-21127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21127"
    },
    {
      "name": "CVE-2022-1652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1652"
    },
    {
      "name": "CVE-2022-20132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20132"
    },
    {
      "name": "CVE-2022-29900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
    },
    {
      "name": "CVE-2022-29901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
    },
    {
      "name": "CVE-2022-21166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21166"
    },
    {
      "name": "CVE-2022-1651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1651"
    },
    {
      "name": "CVE-2022-33741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
    },
    {
      "name": "CVE-2022-1016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
    },
    {
      "name": "CVE-2022-33742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
    },
    {
      "name": "CVE-2022-34918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34918"
    },
    {
      "name": "CVE-2022-20154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
    },
    {
      "name": "CVE-2022-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1998"
    },
    {
      "name": "CVE-2022-21499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21499"
    },
    {
      "name": "CVE-2022-33740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
    },
    {
      "name": "CVE-2022-21125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21125"
    },
    {
      "name": "CVE-2022-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
    },
    {
      "name": "CVE-2021-45402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45402"
    },
    {
      "name": "CVE-2022-0264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0264"
    },
    {
      "name": "CVE-2022-1972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1972"
    },
    {
      "name": "CVE-2022-0494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
    },
    {
      "name": "CVE-2021-33061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33061"
    },
    {
      "name": "CVE-2022-1966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1966"
    },
    {
      "name": "CVE-2022-21123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21123"
    },
    {
      "name": "CVE-2022-1012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1012"
    },
    {
      "name": "CVE-2022-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1734"
    },
    {
      "name": "CVE-2022-26490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
    },
    {
      "name": "CVE-2022-2318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
    },
    {
      "name": "CVE-2021-26341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
    },
    {
      "name": "CVE-2022-1679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
    },
    {
      "name": "CVE-2022-1671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1671"
    },
    {
      "name": "CVE-2022-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
    },
    {
      "name": "CVE-2021-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
    },
    {
      "name": "CVE-2022-29582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29582"
    },
    {
      "name": "CVE-2022-33743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33743"
    },
    {
      "name": "CVE-2022-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1205"
    },
    {
      "name": "CVE-2022-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1729"
    },
    {
      "name": "CVE-2022-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
    },
    {
      "name": "CVE-2022-1852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1852"
    },
    {
      "name": "CVE-2022-21180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21180"
    },
    {
      "name": "CVE-2022-26365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
    },
    {
      "name": "CVE-2022-33981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33981"
    },
    {
      "name": "CVE-2022-1974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
    },
    {
      "name": "CVE-2022-23222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
    },
    {
      "name": "CVE-2022-1198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1198"
    },
    {
      "name": "CVE-2022-1508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1508"
    }
  ],
  "initial_release_date": "2022-08-02T00:00:00",
  "last_revision_date": "2022-08-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-697",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-08-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222615-1 du 01 ao\u00fbt 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222615-1/"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2023-51782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51782"
    },
    {
      "name": "CVE-2023-6915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6915"
    },
    {
      "name": "CVE-2024-0646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2023-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
    },
    {
      "name": "CVE-2023-51779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
    },
    {
      "name": "CVE-2024-0607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0607"
    },
    {
      "name": "CVE-2023-46862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46862"
    },
    {
      "name": "CVE-2023-51781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51781"
    },
    {
      "name": "CVE-2023-51780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
    },
    {
      "name": "CVE-2023-22995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22995"
    },
    {
      "name": "CVE-2023-6560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6560"
    },
    {
      "name": "CVE-2023-4134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4134"
    },
    {
      "name": "CVE-2024-0565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
    },
    {
      "name": "CVE-2024-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
    },
    {
      "name": "CVE-2023-6121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
    }
  ],
  "initial_release_date": "2024-03-08T00:00:00",
  "last_revision_date": "2024-03-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0196",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-03-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6686-1 du 08 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6686-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6680-1 du 06 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6680-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6653-4 du 04 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6653-4"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6681-1 du 06 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6681-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6680-2 du 08 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6680-2"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC PCS neo V6.0 versions ant\u00e9rieures \u00e0 V6.0 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V17, v18 et V20 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2024-54678 et CVE-2025-40759",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Control Function Library (CFL) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPROTEC 5 versions ant\u00e9rieures \u00e0 10.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MTP Integrator toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ProSave V17 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Unified Line Coordination toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC TeleControl toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC OA V3.19 versions ant\u00e9rieures \u00e0 V3.19 P020",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC flexible ES toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM V17 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2024-54678.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-Fail-safe Configuration Tool (S7-FCT) versions ant\u00e9rieures \u00e0 4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS neo V6.0 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2024-54678",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MTP CREATOR V2.x et V3.x toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC OA V3.18 versions ant\u00e9rieures \u00e0 V3.18 P032",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Portal Cloud V19 versions ant\u00e9rieures \u00e0 5.2.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC D7-SYS toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC BATCH V10.0 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ODK 1500S toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Process Historian 2020 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour les vuln\u00e9rabilit\u00e9s CVE-2025-30033 et CVE-2025-47809",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 Software Controller V2 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Portal Cloud Connector toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Unified Sequence toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM V17 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40759.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Logon V2.0 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ProSave V19 versions ant\u00e9rieures \u00e0 V19 Update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PDM Maintenance Station V5.0 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2025-30033 et CVE-2025-47809",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Safety Matrix toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Management Console toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family versions ant\u00e9rieures \u00e0 3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC BATCH V9.1 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Process Function Library (PFL) V4.0 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 Software Controller V3 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 CFC V20 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET PC Software toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Route Control V9.1 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Process Historian 2022 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC OA V3.20 versions ant\u00e9rieures \u00e0 V3.20 P008",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RTLS Locating Manager versions ant\u00e9rieures \u00e0 3.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siprotec 4 7SA6, 7SD5 et 7SD610 versions ant\u00e9rieures \u00e0 4.78",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Automation Tool toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Portal Cloud V18 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2024-54678 et CVE-2025-40759",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PDM V9.2 et V9.3 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Professional toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Visualization Architect (SiVArc) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC eaSie Workflow Skills toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 CFC V19 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V19 versions ant\u00e9rieures \u00e0 V19 Update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Management Agent toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 et V8.0 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 V5.7 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Automation Tool SDK Windows toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Process Historian 2022 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-47809",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM V20 versions ant\u00e9rieures \u00e0 V20 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Portal Cloud V17 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2024-54678 et CVE-2025-40759",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Energy Suite toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7  toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Process Historian 2024 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 V19 versions ant\u00e9rieures \u00e0 V19 Update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Portal Test Suite V17, v18, v19 et v20 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PCT toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Target toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ProSave V18 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Logon V1.6 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 V17 et V18 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2024-54678 et CVE-2025-40759",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RTLS Locating Manager versions ant\u00e9rieures \u00e0 3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V7.0 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS neo V5.0 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2024-54678",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 V20 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2024-54678 et CVE-2025-40759",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Portal Cloud V20 toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2024-54678 et CVE-2025-40759",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siprotec 4 toutes versions et tous mod\u00e8les except\u00e9s 7SA6, 7SD5, 7SD610 pour la vuln\u00e9rabilit\u00e9 CVE-2024-52504. ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 versions ant\u00e9rieures \u00e0 3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM V17, V18 et V19 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Unified PC Runtime V18, V19 et V20 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 Advanced Process Faceplates V9.1 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7 F Systems V6.4 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Information Server toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-47809",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7 F Systems V6.3 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ProSave V20 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 Logic Matrix V9.1 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "WinCC Panel Image Setup toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS neo V4.1 et V5.0 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2024-54678.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Route Control V10.0 toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-30033",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V8.1 versions ant\u00e9rieures \u00e0 V8.1 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2023-3567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
    },
    {
      "name": "CVE-2023-5178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-5717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
    },
    {
      "name": "CVE-2023-39198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39198"
    },
    {
      "name": "CVE-2023-45863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45863"
    },
    {
      "name": "CVE-2023-6931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
    },
    {
      "name": "CVE-2023-6606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6606"
    },
    {
      "name": "CVE-2023-6121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
    },
    {
      "name": "CVE-2023-51779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
    },
    {
      "name": "CVE-2023-6932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
    },
    {
      "name": "CVE-2024-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0193"
    },
    {
      "name": "CVE-2023-6040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6040"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2023-35827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35827"
    },
    {
      "name": "CVE-2024-0646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
    },
    {
      "name": "CVE-2023-51782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51782"
    },
    {
      "name": "CVE-2023-51781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51781"
    },
    {
      "name": "CVE-2023-51780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
    },
    {
      "name": "CVE-2024-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-52597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
    },
    {
      "name": "CVE-2024-26598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2023-52601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
    },
    {
      "name": "CVE-2023-52600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52600"
    },
    {
      "name": "CVE-2023-52602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
    },
    {
      "name": "CVE-2024-26625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
    },
    {
      "name": "CVE-2024-26581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26581"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-52604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
    },
    {
      "name": "CVE-2023-52587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2023-52583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
    },
    {
      "name": "CVE-2023-52603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52603"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2023-52340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
    },
    {
      "name": "CVE-2023-52475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
    },
    {
      "name": "CVE-2023-52478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52478"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2024-0584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0584"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2023-52617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
    },
    {
      "name": "CVE-2024-26645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26645"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2023-52477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
    },
    {
      "name": "CVE-2023-52504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52504"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2023-52486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
    },
    {
      "name": "CVE-2023-52509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52509"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2023-52507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52507"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2023-52623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
    },
    {
      "name": "CVE-2023-52619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
    },
    {
      "name": "CVE-2023-52510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52510"
    },
    {
      "name": "CVE-2024-26754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26754"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2024-26671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
    },
    {
      "name": "CVE-2024-26748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26748"
    },
    {
      "name": "CVE-2024-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
    },
    {
      "name": "CVE-2024-26702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-26685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
    },
    {
      "name": "CVE-2024-26801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
    },
    {
      "name": "CVE-2024-26663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
    },
    {
      "name": "CVE-2024-26675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
    },
    {
      "name": "CVE-2024-26752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26752"
    },
    {
      "name": "CVE-2024-26805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
    },
    {
      "name": "CVE-2024-26773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26773"
    },
    {
      "name": "CVE-2024-26793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26793"
    },
    {
      "name": "CVE-2024-26764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26764"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2024-26684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2024-26749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26749"
    },
    {
      "name": "CVE-2024-26688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26688"
    },
    {
      "name": "CVE-2024-26763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26763"
    },
    {
      "name": "CVE-2024-26722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
    },
    {
      "name": "CVE-2024-26777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26777"
    },
    {
      "name": "CVE-2024-26779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
    },
    {
      "name": "CVE-2024-26772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26772"
    },
    {
      "name": "CVE-2024-26791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26791"
    },
    {
      "name": "CVE-2024-26788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26788"
    },
    {
      "name": "CVE-2024-26804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26804"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26778"
    },
    {
      "name": "CVE-2024-26790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
    },
    {
      "name": "CVE-2024-26673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26673"
    },
    {
      "name": "CVE-2024-26751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26751"
    },
    {
      "name": "CVE-2024-26736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
    },
    {
      "name": "CVE-2023-52581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52581"
    },
    {
      "name": "CVE-2024-26839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26839"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-26840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840"
    },
    {
      "name": "CVE-2024-26910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26910"
    },
    {
      "name": "CVE-2024-26615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
    },
    {
      "name": "CVE-2024-26635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26635"
    },
    {
      "name": "CVE-2024-26835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26835"
    },
    {
      "name": "CVE-2024-26636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26636"
    },
    {
      "name": "CVE-2024-26825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
    },
    {
      "name": "CVE-2023-52433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52433"
    },
    {
      "name": "CVE-2023-52654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52654"
    },
    {
      "name": "CVE-2023-52655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52655"
    },
    {
      "name": "CVE-2023-52753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52753"
    },
    {
      "name": "CVE-2023-52764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
    },
    {
      "name": "CVE-2023-52774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52774"
    },
    {
      "name": "CVE-2023-52789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52789"
    },
    {
      "name": "CVE-2023-52791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
    },
    {
      "name": "CVE-2023-52796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
    },
    {
      "name": "CVE-2023-52799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52799"
    },
    {
      "name": "CVE-2023-52804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52804"
    },
    {
      "name": "CVE-2023-52805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52805"
    },
    {
      "name": "CVE-2023-52806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
    },
    {
      "name": "CVE-2023-52809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52809"
    },
    {
      "name": "CVE-2023-52810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52810"
    },
    {
      "name": "CVE-2023-52817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
    },
    {
      "name": "CVE-2023-52818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
    },
    {
      "name": "CVE-2023-52819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52819"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2023-52838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52838"
    },
    {
      "name": "CVE-2023-52840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52840"
    },
    {
      "name": "CVE-2023-52847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52847"
    },
    {
      "name": "CVE-2023-52853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52853"
    },
    {
      "name": "CVE-2023-52855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52855"
    },
    {
      "name": "CVE-2023-52858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52858"
    },
    {
      "name": "CVE-2023-52864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52864"
    },
    {
      "name": "CVE-2023-52865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52865"
    },
    {
      "name": "CVE-2023-52867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52867"
    },
    {
      "name": "CVE-2023-52868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52868"
    },
    {
      "name": "CVE-2023-52871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52871"
    },
    {
      "name": "CVE-2023-52873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52873"
    },
    {
      "name": "CVE-2023-52875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52875"
    },
    {
      "name": "CVE-2023-52876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52876"
    },
    {
      "name": "CVE-2024-27405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27405"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-27412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27412"
    },
    {
      "name": "CVE-2024-27413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27413"
    },
    {
      "name": "CVE-2024-27416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27416"
    },
    {
      "name": "CVE-2024-27417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
    },
    {
      "name": "CVE-2024-35833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35833"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2023-52670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52670"
    },
    {
      "name": "CVE-2024-35835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-27414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27414"
    },
    {
      "name": "CVE-2023-52813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
    },
    {
      "name": "CVE-2023-52835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
    },
    {
      "name": "CVE-2023-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
    },
    {
      "name": "CVE-2023-52784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784"
    },
    {
      "name": "CVE-2023-52843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52843"
    },
    {
      "name": "CVE-2023-52845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
    },
    {
      "name": "CVE-2024-36978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36978"
    },
    {
      "name": "CVE-2024-37078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37078"
    },
    {
      "name": "CVE-2024-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
    },
    {
      "name": "CVE-2024-39468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39468"
    },
    {
      "name": "CVE-2024-39469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39469"
    },
    {
      "name": "CVE-2024-38586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
    },
    {
      "name": "CVE-2024-36974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36974"
    },
    {
      "name": "CVE-2024-39476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39476"
    },
    {
      "name": "CVE-2024-39482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39482"
    },
    {
      "name": "CVE-2024-39484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39484"
    },
    {
      "name": "CVE-2024-39487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
    },
    {
      "name": "CVE-2024-39495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39495"
    },
    {
      "name": "CVE-2024-39499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39499"
    },
    {
      "name": "CVE-2024-39501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39501"
    },
    {
      "name": "CVE-2024-39502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39502"
    },
    {
      "name": "CVE-2024-39503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39503"
    },
    {
      "name": "CVE-2024-39505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39505"
    },
    {
      "name": "CVE-2024-39506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39506"
    },
    {
      "name": "CVE-2024-39509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39509"
    },
    {
      "name": "CVE-2024-40901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40901"
    },
    {
      "name": "CVE-2024-40902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40902"
    },
    {
      "name": "CVE-2024-40904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40904"
    },
    {
      "name": "CVE-2024-40905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40905"
    },
    {
      "name": "CVE-2024-40912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40912"
    },
    {
      "name": "CVE-2024-40916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40916"
    },
    {
      "name": "CVE-2024-40929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40929"
    },
    {
      "name": "CVE-2024-40931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40931"
    },
    {
      "name": "CVE-2024-40932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40932"
    },
    {
      "name": "CVE-2024-40934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40934"
    },
    {
      "name": "CVE-2024-40941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40941"
    },
    {
      "name": "CVE-2024-40942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40942"
    },
    {
      "name": "CVE-2024-40943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40943"
    },
    {
      "name": "CVE-2024-40945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40945"
    },
    {
      "name": "CVE-2024-40947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40947"
    },
    {
      "name": "CVE-2024-40958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
    },
    {
      "name": "CVE-2024-40959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40959"
    },
    {
      "name": "CVE-2024-40960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40960"
    },
    {
      "name": "CVE-2024-40961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
    },
    {
      "name": "CVE-2024-40963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40963"
    },
    {
      "name": "CVE-2024-40968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40968"
    },
    {
      "name": "CVE-2024-40971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40971"
    },
    {
      "name": "CVE-2024-40974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40974"
    },
    {
      "name": "CVE-2024-40976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40976"
    },
    {
      "name": "CVE-2024-40978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40978"
    },
    {
      "name": "CVE-2024-40980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40980"
    },
    {
      "name": "CVE-2024-40981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40981"
    },
    {
      "name": "CVE-2024-40983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40983"
    },
    {
      "name": "CVE-2024-40984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
    },
    {
      "name": "CVE-2024-40987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40987"
    },
    {
      "name": "CVE-2024-40988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40988"
    },
    {
      "name": "CVE-2024-40990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40990"
    },
    {
      "name": "CVE-2024-40995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40995"
    },
    {
      "name": "CVE-2024-41000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41000"
    },
    {
      "name": "CVE-2024-41004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41004"
    },
    {
      "name": "CVE-2024-41005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41005"
    },
    {
      "name": "CVE-2024-41006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41006"
    },
    {
      "name": "CVE-2023-52836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52836"
    },
    {
      "name": "CVE-2023-52879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52879"
    },
    {
      "name": "CVE-2024-36901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36901"
    },
    {
      "name": "CVE-2024-41017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41017"
    },
    {
      "name": "CVE-2024-41090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
    },
    {
      "name": "CVE-2024-41091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
    },
    {
      "name": "CVE-2022-48827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48827"
    },
    {
      "name": "CVE-2022-48828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48828"
    },
    {
      "name": "CVE-2022-48829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48829"
    },
    {
      "name": "CVE-2024-41009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41009"
    },
    {
      "name": "CVE-2024-41012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41012"
    },
    {
      "name": "CVE-2024-41015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41015"
    },
    {
      "name": "CVE-2024-41040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41040"
    },
    {
      "name": "CVE-2024-41041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41041"
    },
    {
      "name": "CVE-2024-41044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41044"
    },
    {
      "name": "CVE-2024-41059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41059"
    },
    {
      "name": "CVE-2024-41063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41063"
    },
    {
      "name": "CVE-2024-41064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41064"
    },
    {
      "name": "CVE-2024-41070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41070"
    },
    {
      "name": "CVE-2024-41072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41072"
    },
    {
      "name": "CVE-2024-41078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41078"
    },
    {
      "name": "CVE-2024-41081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41081"
    },
    {
      "name": "CVE-2024-41087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41087"
    },
    {
      "name": "CVE-2024-41089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41089"
    },
    {
      "name": "CVE-2024-41095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41095"
    },
    {
      "name": "CVE-2024-42093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42093"
    },
    {
      "name": "CVE-2024-42105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42105"
    },
    {
      "name": "CVE-2024-42145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42145"
    },
    {
      "name": "CVE-2024-42161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42161"
    },
    {
      "name": "CVE-2024-42223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42223"
    },
    {
      "name": "CVE-2024-42224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42224"
    },
    {
      "name": "CVE-2022-48666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48666"
    },
    {
      "name": "CVE-2024-36484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36484"
    },
    {
      "name": "CVE-2024-41007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41007"
    },
    {
      "name": "CVE-2024-41020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41020"
    },
    {
      "name": "CVE-2024-41022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41022"
    },
    {
      "name": "CVE-2024-41034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41034"
    },
    {
      "name": "CVE-2024-41035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41035"
    },
    {
      "name": "CVE-2024-41046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41046"
    },
    {
      "name": "CVE-2024-41049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41049"
    },
    {
      "name": "CVE-2024-41055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
    },
    {
      "name": "CVE-2024-41065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41065"
    },
    {
      "name": "CVE-2024-41068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41068"
    },
    {
      "name": "CVE-2024-41077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
    },
    {
      "name": "CVE-2024-42101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42101"
    },
    {
      "name": "CVE-2024-42143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42143"
    },
    {
      "name": "CVE-2024-42148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42148"
    },
    {
      "name": "CVE-2024-42152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42152"
    },
    {
      "name": "CVE-2024-42153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42153"
    },
    {
      "name": "CVE-2024-42154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42154"
    },
    {
      "name": "CVE-2024-42229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42229"
    },
    {
      "name": "CVE-2024-42232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42232"
    },
    {
      "name": "CVE-2024-42236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42236"
    },
    {
      "name": "CVE-2024-42244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
    },
    {
      "name": "CVE-2024-42247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42247"
    },
    {
      "name": "CVE-2024-42082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42082"
    },
    {
      "name": "CVE-2023-52887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52887"
    },
    {
      "name": "CVE-2024-41092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
    },
    {
      "name": "CVE-2024-41097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41097"
    },
    {
      "name": "CVE-2024-42076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42076"
    },
    {
      "name": "CVE-2024-42077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42077"
    },
    {
      "name": "CVE-2024-42084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42084"
    },
    {
      "name": "CVE-2024-42086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42086"
    },
    {
      "name": "CVE-2024-42087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42087"
    },
    {
      "name": "CVE-2024-42092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42092"
    },
    {
      "name": "CVE-2024-42094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42094"
    },
    {
      "name": "CVE-2024-42095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42095"
    },
    {
      "name": "CVE-2022-48935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48935"
    },
    {
      "name": "CVE-2024-43861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43861"
    },
    {
      "name": "CVE-2024-43867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43867"
    },
    {
      "name": "CVE-2024-43871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43871"
    },
    {
      "name": "CVE-2024-43879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43879"
    },
    {
      "name": "CVE-2024-43880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
    },
    {
      "name": "CVE-2024-43882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
    },
    {
      "name": "CVE-2024-43883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43883"
    },
    {
      "name": "CVE-2024-43889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
    },
    {
      "name": "CVE-2024-43893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43893"
    },
    {
      "name": "CVE-2024-43894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43894"
    },
    {
      "name": "CVE-2024-43907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43907"
    },
    {
      "name": "CVE-2024-43908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43908"
    },
    {
      "name": "CVE-2024-45003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45003"
    },
    {
      "name": "CVE-2024-44987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
    },
    {
      "name": "CVE-2024-44988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44988"
    },
    {
      "name": "CVE-2024-44989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
    },
    {
      "name": "CVE-2024-44990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
    },
    {
      "name": "CVE-2024-44995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44995"
    },
    {
      "name": "CVE-2024-44998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44998"
    },
    {
      "name": "CVE-2024-44999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44999"
    },
    {
      "name": "CVE-2024-45006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45006"
    },
    {
      "name": "CVE-2024-45008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45008"
    },
    {
      "name": "CVE-2024-45021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45021"
    },
    {
      "name": "CVE-2024-45025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45025"
    },
    {
      "name": "CVE-2024-46673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46673"
    },
    {
      "name": "CVE-2024-46674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46674"
    },
    {
      "name": "CVE-2024-46675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46675"
    },
    {
      "name": "CVE-2024-46676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46676"
    },
    {
      "name": "CVE-2024-46677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46677"
    },
    {
      "name": "CVE-2024-46679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46679"
    },
    {
      "name": "CVE-2024-46685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46685"
    },
    {
      "name": "CVE-2024-46689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46689"
    },
    {
      "name": "CVE-2024-46702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46702"
    },
    {
      "name": "CVE-2024-46707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46707"
    },
    {
      "name": "CVE-2024-46713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
    },
    {
      "name": "CVE-2024-46714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46714"
    },
    {
      "name": "CVE-2024-46719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46719"
    },
    {
      "name": "CVE-2024-46721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46721"
    },
    {
      "name": "CVE-2024-46722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46722"
    },
    {
      "name": "CVE-2024-46723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46723"
    },
    {
      "name": "CVE-2024-46724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
    },
    {
      "name": "CVE-2024-46725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46725"
    },
    {
      "name": "CVE-2024-46731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46731"
    },
    {
      "name": "CVE-2024-46737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46737"
    },
    {
      "name": "CVE-2024-46738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46738"
    },
    {
      "name": "CVE-2024-46739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46739"
    },
    {
      "name": "CVE-2024-46740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46740"
    },
    {
      "name": "CVE-2024-46743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46743"
    },
    {
      "name": "CVE-2024-46744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46744"
    },
    {
      "name": "CVE-2024-46745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46745"
    },
    {
      "name": "CVE-2024-46747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46747"
    },
    {
      "name": "CVE-2024-46750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46750"
    },
    {
      "name": "CVE-2024-46755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46755"
    },
    {
      "name": "CVE-2024-46756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46756"
    },
    {
      "name": "CVE-2024-46757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46757"
    },
    {
      "name": "CVE-2024-46758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46758"
    },
    {
      "name": "CVE-2024-46759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46759"
    },
    {
      "name": "CVE-2024-46761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46761"
    },
    {
      "name": "CVE-2024-46763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
    },
    {
      "name": "CVE-2024-46771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46771"
    },
    {
      "name": "CVE-2024-46777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46777"
    },
    {
      "name": "CVE-2024-46780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46780"
    },
    {
      "name": "CVE-2024-46781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46781"
    },
    {
      "name": "CVE-2024-46782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
    },
    {
      "name": "CVE-2024-46783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46783"
    },
    {
      "name": "CVE-2024-46791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46791"
    },
    {
      "name": "CVE-2024-46798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46798"
    },
    {
      "name": "CVE-2024-46800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46800"
    },
    {
      "name": "CVE-2024-46804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46804"
    },
    {
      "name": "CVE-2024-46814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46814"
    },
    {
      "name": "CVE-2024-46815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46815"
    },
    {
      "name": "CVE-2024-46817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46817"
    },
    {
      "name": "CVE-2024-46818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
    },
    {
      "name": "CVE-2024-46819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46819"
    },
    {
      "name": "CVE-2024-46822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46822"
    },
    {
      "name": "CVE-2024-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46828"
    },
    {
      "name": "CVE-2024-46829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46829"
    },
    {
      "name": "CVE-2024-46832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46832"
    },
    {
      "name": "CVE-2024-46840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46840"
    },
    {
      "name": "CVE-2024-46844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46844"
    },
    {
      "name": "CVE-2024-43890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43890"
    },
    {
      "name": "CVE-2024-43914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43914"
    },
    {
      "name": "CVE-2024-44935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
    },
    {
      "name": "CVE-2024-44944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44944"
    },
    {
      "name": "CVE-2024-44952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44952"
    },
    {
      "name": "CVE-2024-44954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44954"
    },
    {
      "name": "CVE-2024-44960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44960"
    },
    {
      "name": "CVE-2024-44965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44965"
    },
    {
      "name": "CVE-2024-44969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44969"
    },
    {
      "name": "CVE-2024-44971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44971"
    },
    {
      "name": "CVE-2024-47668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
    },
    {
      "name": "CVE-2024-47659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47659"
    },
    {
      "name": "CVE-2024-47663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47663"
    },
    {
      "name": "CVE-2024-47667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47667"
    },
    {
      "name": "CVE-2024-47669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47669"
    },
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2023-52917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52917"
    },
    {
      "name": "CVE-2023-52919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52919"
    },
    {
      "name": "CVE-2024-47660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47660"
    },
    {
      "name": "CVE-2024-47684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47684"
    },
    {
      "name": "CVE-2024-47685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47685"
    },
    {
      "name": "CVE-2024-47692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47692"
    },
    {
      "name": "CVE-2024-47696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
    },
    {
      "name": "CVE-2024-47697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47697"
    },
    {
      "name": "CVE-2024-47698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47698"
    },
    {
      "name": "CVE-2024-47699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47699"
    },
    {
      "name": "CVE-2024-47705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47705"
    },
    {
      "name": "CVE-2024-47706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47706"
    },
    {
      "name": "CVE-2024-47709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47709"
    },
    {
      "name": "CVE-2024-47710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47710"
    },
    {
      "name": "CVE-2024-47712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47712"
    },
    {
      "name": "CVE-2024-47713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47713"
    },
    {
      "name": "CVE-2024-47718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47718"
    },
    {
      "name": "CVE-2024-47723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47723"
    },
    {
      "name": "CVE-2024-47735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47735"
    },
    {
      "name": "CVE-2024-47737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47737"
    },
    {
      "name": "CVE-2024-47739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47739"
    },
    {
      "name": "CVE-2024-47742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47742"
    },
    {
      "name": "CVE-2024-47747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47747"
    },
    {
      "name": "CVE-2024-47748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47748"
    },
    {
      "name": "CVE-2024-47749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47749"
    },
    {
      "name": "CVE-2024-47756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47756"
    },
    {
      "name": "CVE-2024-47757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47757"
    },
    {
      "name": "CVE-2024-49851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49851"
    },
    {
      "name": "CVE-2024-49858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49858"
    },
    {
      "name": "CVE-2024-49860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49860"
    },
    {
      "name": "CVE-2024-49863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49863"
    },
    {
      "name": "CVE-2024-49867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49867"
    },
    {
      "name": "CVE-2024-49875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49875"
    },
    {
      "name": "CVE-2024-49877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49877"
    },
    {
      "name": "CVE-2024-49878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49878"
    },
    {
      "name": "CVE-2024-49879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49879"
    },
    {
      "name": "CVE-2024-49881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49881"
    },
    {
      "name": "CVE-2024-49882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49882"
    },
    {
      "name": "CVE-2024-49883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49883"
    },
    {
      "name": "CVE-2024-49890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49890"
    },
    {
      "name": "CVE-2024-49892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49892"
    },
    {
      "name": "CVE-2024-49894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49894"
    },
    {
      "name": "CVE-2024-49895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49895"
    },
    {
      "name": "CVE-2024-49896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49896"
    },
    {
      "name": "CVE-2024-49900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49900"
    },
    {
      "name": "CVE-2024-49901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49901"
    },
    {
      "name": "CVE-2024-49902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49902"
    },
    {
      "name": "CVE-2024-49903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49903"
    },
    {
      "name": "CVE-2024-49907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49907"
    },
    {
      "name": "CVE-2024-49913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49913"
    },
    {
      "name": "CVE-2024-49930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49930"
    },
    {
      "name": "CVE-2024-49933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49933"
    },
    {
      "name": "CVE-2024-49936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49936"
    },
    {
      "name": "CVE-2024-49938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49938"
    },
    {
      "name": "CVE-2024-49949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49949"
    },
    {
      "name": "CVE-2024-49955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49955"
    },
    {
      "name": "CVE-2024-49957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49957"
    },
    {
      "name": "CVE-2024-49958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49958"
    },
    {
      "name": "CVE-2024-49959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49959"
    },
    {
      "name": "CVE-2024-49962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49962"
    },
    {
      "name": "CVE-2024-49963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49963"
    },
    {
      "name": "CVE-2024-49965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49965"
    },
    {
      "name": "CVE-2024-49966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49966"
    },
    {
      "name": "CVE-2024-49967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49967"
    },
    {
      "name": "CVE-2024-49969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49969"
    },
    {
      "name": "CVE-2024-49973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49973"
    },
    {
      "name": "CVE-2024-49975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49975"
    },
    {
      "name": "CVE-2024-49981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49981"
    },
    {
      "name": "CVE-2024-49982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49982"
    },
    {
      "name": "CVE-2024-49985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49985"
    },
    {
      "name": "CVE-2024-49993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49993"
    },
    {
      "name": "CVE-2024-49995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49995"
    },
    {
      "name": "CVE-2024-50001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50001"
    },
    {
      "name": "CVE-2024-50006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50006"
    },
    {
      "name": "CVE-2024-50007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50007"
    },
    {
      "name": "CVE-2024-50008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50008"
    },
    {
      "name": "CVE-2024-50013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50013"
    },
    {
      "name": "CVE-2024-50015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50015"
    },
    {
      "name": "CVE-2024-50024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50024"
    },
    {
      "name": "CVE-2024-50033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50033"
    },
    {
      "name": "CVE-2024-50035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50035"
    },
    {
      "name": "CVE-2024-50040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50040"
    },
    {
      "name": "CVE-2024-50044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50044"
    },
    {
      "name": "CVE-2024-50045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50045"
    },
    {
      "name": "CVE-2024-50046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50046"
    },
    {
      "name": "CVE-2024-50049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50049"
    },
    {
      "name": "CVE-2024-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50059"
    },
    {
      "name": "CVE-2024-50074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50074"
    },
    {
      "name": "CVE-2024-44949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44949"
    },
    {
      "name": "CVE-2024-50218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50218"
    },
    {
      "name": "CVE-2024-50234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50234"
    },
    {
      "name": "CVE-2024-50236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50236"
    },
    {
      "name": "CVE-2024-50237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50237"
    },
    {
      "name": "CVE-2024-50251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50251"
    },
    {
      "name": "CVE-2024-50262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50262"
    },
    {
      "name": "CVE-2024-50264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
    },
    {
      "name": "CVE-2024-50265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50265"
    },
    {
      "name": "CVE-2024-50267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50267"
    },
    {
      "name": "CVE-2024-50268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50268"
    },
    {
      "name": "CVE-2024-50269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50269"
    },
    {
      "name": "CVE-2024-50273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50273"
    },
    {
      "name": "CVE-2024-50278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50278"
    },
    {
      "name": "CVE-2024-50279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50279"
    },
    {
      "name": "CVE-2024-50282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50282"
    },
    {
      "name": "CVE-2024-50287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50287"
    },
    {
      "name": "CVE-2024-50290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
    },
    {
      "name": "CVE-2024-50292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50292"
    },
    {
      "name": "CVE-2024-50295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50295"
    },
    {
      "name": "CVE-2024-50296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50296"
    },
    {
      "name": "CVE-2024-50299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50299"
    },
    {
      "name": "CVE-2024-50301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
    },
    {
      "name": "CVE-2024-50302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50302"
    },
    {
      "name": "CVE-2024-53052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53052"
    },
    {
      "name": "CVE-2024-53057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
    },
    {
      "name": "CVE-2024-53059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53059"
    },
    {
      "name": "CVE-2024-53060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53060"
    },
    {
      "name": "CVE-2024-53061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53061"
    },
    {
      "name": "CVE-2024-53063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
    },
    {
      "name": "CVE-2024-53066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53066"
    },
    {
      "name": "CVE-2024-50082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50082"
    },
    {
      "name": "CVE-2024-50099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50099"
    },
    {
      "name": "CVE-2024-53241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53241"
    },
    {
      "name": "CVE-2024-53240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53240"
    },
    {
      "name": "CVE-2024-47679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47679"
    },
    {
      "name": "CVE-2024-47701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47701"
    },
    {
      "name": "CVE-2024-47740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47740"
    },
    {
      "name": "CVE-2024-49868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49868"
    },
    {
      "name": "CVE-2024-49884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49884"
    },
    {
      "name": "CVE-2024-49889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49889"
    },
    {
      "name": "CVE-2024-49924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
    },
    {
      "name": "CVE-2024-49944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49944"
    },
    {
      "name": "CVE-2024-49948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49948"
    },
    {
      "name": "CVE-2024-49952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49952"
    },
    {
      "name": "CVE-2024-49977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
    },
    {
      "name": "CVE-2024-49983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49983"
    },
    {
      "name": "CVE-2024-49997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49997"
    },
    {
      "name": "CVE-2024-50039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50039"
    },
    {
      "name": "CVE-2024-50095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50095"
    },
    {
      "name": "CVE-2024-50096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50096"
    },
    {
      "name": "CVE-2024-50179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50179"
    },
    {
      "name": "CVE-2024-50180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50180"
    },
    {
      "name": "CVE-2024-50181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50181"
    },
    {
      "name": "CVE-2024-50184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50184"
    },
    {
      "name": "CVE-2024-50188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50188"
    },
    {
      "name": "CVE-2024-50089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50089"
    },
    {
      "name": "CVE-2024-50194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50194"
    },
    {
      "name": "CVE-2024-50195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50195"
    },
    {
      "name": "CVE-2024-50198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50198"
    },
    {
      "name": "CVE-2024-50201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50201"
    },
    {
      "name": "CVE-2024-53101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53101"
    },
    {
      "name": "CVE-2024-53104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53104"
    },
    {
      "name": "CVE-2024-50083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50083"
    },
    {
      "name": "CVE-2024-50185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50185"
    },
    {
      "name": "CVE-2024-50193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50193"
    },
    {
      "name": "CVE-2024-50199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50199"
    },
    {
      "name": "CVE-2024-50202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50202"
    },
    {
      "name": "CVE-2024-53097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53097"
    },
    {
      "name": "CVE-2024-53103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53103"
    },
    {
      "name": "CVE-2024-53146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53146"
    },
    {
      "name": "CVE-2024-53148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53148"
    },
    {
      "name": "CVE-2024-53150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53150"
    },
    {
      "name": "CVE-2024-53155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53155"
    },
    {
      "name": "CVE-2024-53156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53156"
    },
    {
      "name": "CVE-2024-53157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53157"
    },
    {
      "name": "CVE-2024-53158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53158"
    },
    {
      "name": "CVE-2024-53161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53161"
    },
    {
      "name": "CVE-2024-53171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53171"
    },
    {
      "name": "CVE-2024-53173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53173"
    },
    {
      "name": "CVE-2024-53174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53174"
    },
    {
      "name": "CVE-2024-53214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53214"
    },
    {
      "name": "CVE-2024-53217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53217"
    },
    {
      "name": "CVE-2024-53237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53237"
    },
    {
      "name": "CVE-2024-56539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56539"
    },
    {
      "name": "CVE-2024-56562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56562"
    },
    {
      "name": "CVE-2024-56567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56567"
    },
    {
      "name": "CVE-2024-56576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56576"
    },
    {
      "name": "CVE-2024-56605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56605"
    },
    {
      "name": "CVE-2024-56645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56645"
    },
    {
      "name": "CVE-2024-56754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56754"
    },
    {
      "name": "CVE-2024-56756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56756"
    },
    {
      "name": "CVE-2024-53239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53239"
    },
    {
      "name": "CVE-2024-56548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56548"
    },
    {
      "name": "CVE-2024-56570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56570"
    },
    {
      "name": "CVE-2024-56571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56571"
    },
    {
      "name": "CVE-2024-56598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56598"
    },
    {
      "name": "CVE-2024-56619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56619"
    },
    {
      "name": "CVE-2024-56704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56704"
    },
    {
      "name": "CVE-2024-47143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47143"
    },
    {
      "name": "CVE-2024-48881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-48881"
    },
    {
      "name": "CVE-2024-50051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50051"
    },
    {
      "name": "CVE-2024-52332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52332"
    },
    {
      "name": "CVE-2024-53172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53172"
    },
    {
      "name": "CVE-2024-53194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53194"
    },
    {
      "name": "CVE-2024-53197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53197"
    },
    {
      "name": "CVE-2024-53198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53198"
    },
    {
      "name": "CVE-2024-53227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53227"
    },
    {
      "name": "CVE-2024-56531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56531"
    },
    {
      "name": "CVE-2024-56532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56532"
    },
    {
      "name": "CVE-2024-56533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56533"
    },
    {
      "name": "CVE-2024-56558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56558"
    },
    {
      "name": "CVE-2024-56568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56568"
    },
    {
      "name": "CVE-2024-56569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56569"
    },
    {
      "name": "CVE-2024-56572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56572"
    },
    {
      "name": "CVE-2024-56574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56574"
    },
    {
      "name": "CVE-2024-56587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56587"
    },
    {
      "name": "CVE-2024-56589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56589"
    },
    {
      "name": "CVE-2024-56593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56593"
    },
    {
      "name": "CVE-2024-56594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56594"
    },
    {
      "name": "CVE-2024-56595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56595"
    },
    {
      "name": "CVE-2024-56596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56596"
    },
    {
      "name": "CVE-2024-56597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56597"
    },
    {
      "name": "CVE-2024-56602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56602"
    },
    {
      "name": "CVE-2024-56603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56603"
    },
    {
      "name": "CVE-2024-56606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56606"
    },
    {
      "name": "CVE-2024-56615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56615"
    },
    {
      "name": "CVE-2024-56623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56623"
    },
    {
      "name": "CVE-2024-56629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56629"
    },
    {
      "name": "CVE-2024-56630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56630"
    },
    {
      "name": "CVE-2024-56634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56634"
    },
    {
      "name": "CVE-2024-56636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56636"
    },
    {
      "name": "CVE-2024-56637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56637"
    },
    {
      "name": "CVE-2024-56642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56642"
    },
    {
      "name": "CVE-2024-56643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56643"
    },
    {
      "name": "CVE-2024-56644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56644"
    },
    {
      "name": "CVE-2024-56648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56648"
    },
    {
      "name": "CVE-2024-56659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56659"
    },
    {
      "name": "CVE-2024-56661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56661"
    },
    {
      "name": "CVE-2024-56662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56662"
    },
    {
      "name": "CVE-2024-56670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56670"
    },
    {
      "name": "CVE-2024-56681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56681"
    },
    {
      "name": "CVE-2024-56688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56688"
    },
    {
      "name": "CVE-2024-56690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56690"
    },
    {
      "name": "CVE-2024-56691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56691"
    },
    {
      "name": "CVE-2024-56698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56698"
    },
    {
      "name": "CVE-2024-56700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56700"
    },
    {
      "name": "CVE-2024-56701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56701"
    },
    {
      "name": "CVE-2024-56705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56705"
    },
    {
      "name": "CVE-2024-56723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56723"
    },
    {
      "name": "CVE-2024-56724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56724"
    },
    {
      "name": "CVE-2024-56739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56739"
    },
    {
      "name": "CVE-2024-56741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56741"
    },
    {
      "name": "CVE-2024-56746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56746"
    },
    {
      "name": "CVE-2024-56747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56747"
    },
    {
      "name": "CVE-2024-56748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56748"
    },
    {
      "name": "CVE-2024-56779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56779"
    },
    {
      "name": "CVE-2024-56780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56780"
    },
    {
      "name": "CVE-2024-57874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57874"
    },
    {
      "name": "CVE-2024-50602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
    },
    {
      "name": "CVE-2024-50304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50304"
    },
    {
      "name": "CVE-2024-56600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56600"
    },
    {
      "name": "CVE-2024-56601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56601"
    },
    {
      "name": "CVE-2024-56610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56610"
    },
    {
      "name": "CVE-2024-56650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56650"
    },
    {
      "name": "CVE-2024-56728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56728"
    },
    {
      "name": "CVE-2024-56633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56633"
    },
    {
      "name": "CVE-2022-49034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49034"
    },
    {
      "name": "CVE-2024-49971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49971"
    },
    {
      "name": "CVE-2024-53145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53145"
    },
    {
      "name": "CVE-2024-53165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53165"
    },
    {
      "name": "CVE-2024-53181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53181"
    },
    {
      "name": "CVE-2024-53183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53183"
    },
    {
      "name": "CVE-2024-53184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53184"
    },
    {
      "name": "CVE-2024-53226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53226"
    },
    {
      "name": "CVE-2024-56720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56720"
    },
    {
      "name": "CVE-2024-43098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43098"
    },
    {
      "name": "CVE-2024-53680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53680"
    },
    {
      "name": "CVE-2024-56581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56581"
    },
    {
      "name": "CVE-2024-56586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56586"
    },
    {
      "name": "CVE-2024-56770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56770"
    },
    {
      "name": "CVE-2024-56781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56781"
    },
    {
      "name": "CVE-2024-56785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56785"
    },
    {
      "name": "CVE-2021-47316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47316"
    },
    {
      "name": "CVE-2024-54678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54678"
    },
    {
      "name": "CVE-2025-30033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30033"
    },
    {
      "name": "CVE-2025-30034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30034"
    },
    {
      "name": "CVE-2025-40570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40570"
    },
    {
      "name": "CVE-2025-40746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40746"
    },
    {
      "name": "CVE-2025-40751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40751"
    },
    {
      "name": "CVE-2025-40752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40752"
    },
    {
      "name": "CVE-2025-40753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40753"
    },
    {
      "name": "CVE-2025-40759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40759"
    },
    {
      "name": "CVE-2025-47809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47809"
    },
    {
      "name": "CVE-2024-52504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52504"
    }
  ],
  "initial_release_date": "2025-08-12T00:00:00",
  "last_revision_date": "2025-08-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0677",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-08-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-707630",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-707630.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-331739",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-331739.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693808",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-693808.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-613116",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-493396",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-493396.html"
    },
    {
      "published_at": "2025-08-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-400089",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-400089.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-493787",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-493787.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-894058",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-894058.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-355557",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-529291",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-529291.html"
    },
    {
      "published_at": "2025-08-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-282044",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-282044.html"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-1085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1085"
    },
    {
      "name": "CVE-2023-3006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
    },
    {
      "name": "CVE-2023-46838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46838"
    },
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2023-51782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51782"
    },
    {
      "name": "CVE-2023-2002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
    },
    {
      "name": "CVE-2024-26597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26597"
    },
    {
      "name": "CVE-2024-24855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2023-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
    },
    {
      "name": "CVE-2023-23000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23000"
    },
    {
      "name": "CVE-2023-51779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
    },
    {
      "name": "CVE-2023-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
    },
    {
      "name": "CVE-2024-0607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0607"
    },
    {
      "name": "CVE-2024-26599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26599"
    },
    {
      "name": "CVE-2023-46862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46862"
    },
    {
      "name": "CVE-2024-0775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0775"
    },
    {
      "name": "CVE-2022-20567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20567"
    },
    {
      "name": "CVE-2023-51781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51781"
    },
    {
      "name": "CVE-2023-51780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
    },
    {
      "name": "CVE-2023-6039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6039"
    },
    {
      "name": "CVE-2023-22995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22995"
    },
    {
      "name": "CVE-2023-32247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32247"
    },
    {
      "name": "CVE-2023-6560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6560"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-34256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34256"
    },
    {
      "name": "CVE-2023-23004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23004"
    },
    {
      "name": "CVE-2023-4132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
    },
    {
      "name": "CVE-2023-4134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4134"
    },
    {
      "name": "CVE-2024-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
    },
    {
      "name": "CVE-2024-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
    },
    {
      "name": "CVE-2023-39197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39197"
    },
    {
      "name": "CVE-2023-6121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
    }
  ],
  "initial_release_date": "2024-03-22T00:00:00",
  "last_revision_date": "2024-03-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0243",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun d\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6706-1 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6706-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6702-1 du 19 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6702-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6686-4 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6686-4"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6699-1 du 18 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6699-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6700-2 du 21 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6700-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6681-4 du 19 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6681-4"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6707-1 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6707-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6701-2 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6701-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6701-1 du 18 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6701-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6700-1 du 18 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6700-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6705-1 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6705-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6686-3 du 19 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6686-3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6707-2 du 21 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6707-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6704-1 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6704-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6680-3 du 19 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6680-3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6702-2 du 20 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6702-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6704-2 du 21 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6704-2"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.2",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Development Tools 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.2",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.2",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Legacy Software 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2022-23037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23037"
    },
    {
      "name": "CVE-2022-23042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23042"
    },
    {
      "name": "CVE-2021-39657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39657"
    },
    {
      "name": "CVE-2022-0644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0644"
    },
    {
      "name": "CVE-2022-23036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23036"
    },
    {
      "name": "CVE-2022-23038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23038"
    },
    {
      "name": "CVE-2022-0487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0487"
    },
    {
      "name": "CVE-2022-26966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26966"
    },
    {
      "name": "CVE-2021-45402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45402"
    },
    {
      "name": "CVE-2022-0516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0516"
    },
    {
      "name": "CVE-2022-23039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23039"
    },
    {
      "name": "CVE-2022-27223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27223"
    },
    {
      "name": "CVE-2022-23040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23040"
    },
    {
      "name": "CVE-2022-23041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23041"
    },
    {
      "name": "CVE-2022-25258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25258"
    },
    {
      "name": "CVE-2022-24958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24958"
    },
    {
      "name": "CVE-2022-25636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25636"
    },
    {
      "name": "CVE-2022-26490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
    },
    {
      "name": "CVE-2022-24448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
    },
    {
      "name": "CVE-2022-0492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
    },
    {
      "name": "CVE-2021-0920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
    },
    {
      "name": "CVE-2021-39698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39698"
    },
    {
      "name": "CVE-2022-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
    },
    {
      "name": "CVE-2022-24959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24959"
    }
  ],
  "initial_release_date": "2022-03-31T00:00:00",
  "last_revision_date": "2022-03-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-293",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-03-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE su-20221036-1 du 30 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221036-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE su-20221038-1 du 30 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221038-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE su-20221037-1 du 30 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221037-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE su-20221039-1 du 30 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221039-1/"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Legacy Software 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Development Tools 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-30594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
    },
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2022-1116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1116"
    },
    {
      "name": "CVE-2022-21127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21127"
    },
    {
      "name": "CVE-2022-1652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1652"
    },
    {
      "name": "CVE-2022-20132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20132"
    },
    {
      "name": "CVE-2022-29900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
    },
    {
      "name": "CVE-2022-29901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
    },
    {
      "name": "CVE-2017-16525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16525"
    },
    {
      "name": "CVE-2022-21166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21166"
    },
    {
      "name": "CVE-2022-1651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1651"
    },
    {
      "name": "CVE-2022-33741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
    },
    {
      "name": "CVE-2022-1016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
    },
    {
      "name": "CVE-2022-33742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
    },
    {
      "name": "CVE-2022-34918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34918"
    },
    {
      "name": "CVE-2022-20154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
    },
    {
      "name": "CVE-2022-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1998"
    },
    {
      "name": "CVE-2022-21499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21499"
    },
    {
      "name": "CVE-2022-1462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
    },
    {
      "name": "CVE-2022-33740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
    },
    {
      "name": "CVE-2022-21125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21125"
    },
    {
      "name": "CVE-2022-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
    },
    {
      "name": "CVE-2021-4157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
    },
    {
      "name": "CVE-2021-45402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45402"
    },
    {
      "name": "CVE-2022-0264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0264"
    },
    {
      "name": "CVE-2022-1972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1972"
    },
    {
      "name": "CVE-2022-0494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
    },
    {
      "name": "CVE-2021-33061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33061"
    },
    {
      "name": "CVE-2022-1966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1966"
    },
    {
      "name": "CVE-2022-21123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21123"
    },
    {
      "name": "CVE-2022-1012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1012"
    },
    {
      "name": "CVE-2022-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1734"
    },
    {
      "name": "CVE-2022-20141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
    },
    {
      "name": "CVE-2022-26490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
    },
    {
      "name": "CVE-2022-2318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
    },
    {
      "name": "CVE-2021-26341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
    },
    {
      "name": "CVE-2022-1679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
    },
    {
      "name": "CVE-2022-1671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1671"
    },
    {
      "name": "CVE-2022-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
    },
    {
      "name": "CVE-2021-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
    },
    {
      "name": "CVE-2022-29582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29582"
    },
    {
      "name": "CVE-2021-39698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39698"
    },
    {
      "name": "CVE-2022-33743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33743"
    },
    {
      "name": "CVE-2022-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1205"
    },
    {
      "name": "CVE-2022-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1729"
    },
    {
      "name": "CVE-2022-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
    },
    {
      "name": "CVE-2022-1852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1852"
    },
    {
      "name": "CVE-2022-21180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21180"
    },
    {
      "name": "CVE-2022-26365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
    },
    {
      "name": "CVE-2022-33981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33981"
    },
    {
      "name": "CVE-2022-1974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
    },
    {
      "name": "CVE-2022-23222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
    },
    {
      "name": "CVE-2022-1198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1198"
    },
    {
      "name": "CVE-2022-1508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1508"
    }
  ],
  "initial_release_date": "2022-07-22T00:00:00",
  "last_revision_date": "2022-07-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-670",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-07-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222461-1 du 20 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222461-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222482-1 du 21 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222482-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222460-1 du 20 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222460-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222443-1 du 19 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222443-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222520-1 du 21 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222520-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222515-1 du 21 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222515-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222438-1 du 19 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222438-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222516-1 du 21 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222516-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222435-1 du 19 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222435-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222444-1 du 19 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222444-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222478-1 du 21 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222478-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222445-1 du 19 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222445-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222446-1 du 19 juillet 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222446-1/"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 21.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-45485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
    },
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2021-33034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
    },
    {
      "name": "CVE-2021-34693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
    },
    {
      "name": "CVE-2021-4202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4202"
    },
    {
      "name": "CVE-2021-3679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3679"
    },
    {
      "name": "CVE-2021-3483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3483"
    },
    {
      "name": "CVE-2021-38204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38204"
    },
    {
      "name": "CVE-2021-28711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28711"
    },
    {
      "name": "CVE-2021-43975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
    },
    {
      "name": "CVE-2021-28713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28713"
    },
    {
      "name": "CVE-2021-4083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
    },
    {
      "name": "CVE-2022-0330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
    },
    {
      "name": "CVE-2021-28712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28712"
    },
    {
      "name": "CVE-2021-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2021-4155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
    },
    {
      "name": "CVE-2021-3564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
    },
    {
      "name": "CVE-2021-43976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
    },
    {
      "name": "CVE-2020-26558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
    },
    {
      "name": "CVE-2021-22600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22600"
    },
    {
      "name": "CVE-2022-24448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
    },
    {
      "name": "CVE-2022-0492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
    },
    {
      "name": "CVE-2021-39685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39685"
    },
    {
      "name": "CVE-2020-26147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
    },
    {
      "name": "CVE-2022-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
    },
    {
      "name": "CVE-2021-3612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
    },
    {
      "name": "CVE-2021-28714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28714"
    },
    {
      "name": "CVE-2021-42008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42008"
    },
    {
      "name": "CVE-2021-28972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28972"
    },
    {
      "name": "CVE-2021-28715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28715"
    },
    {
      "name": "CVE-2022-24959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24959"
    }
  ],
  "initial_release_date": "2022-02-23T00:00:00",
  "last_revision_date": "2022-02-23T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-176",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-02-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5302-1 du 22 f\u00e9vrier 2022",
      "url": "https://ubuntu.com/security/notices/USN-5302-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5295-2 du 22 f\u00e9vrier 2022",
      "url": "https://ubuntu.com/security/notices/USN-5295-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5298-1 du 22 f\u00e9vrier 2022",
      "url": "https://ubuntu.com/security/notices/USN-5298-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5297-1 du 22 f\u00e9vrier 2022",
      "url": "https://ubuntu.com/security/notices/USN-5297-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5294-2 du 22 f\u00e9vrier 2022",
      "url": "https://ubuntu.com/security/notices/USN-5294-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5299-1 du 22 f\u00e9vrier 2022",
      "url": "https://ubuntu.com/security/notices/USN-5299-1"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Server 15-SP2-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Debuginfo 11-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Storage 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 11-SP4-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Development Tools 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE CaaS Platform 4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud Crowbar 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.2",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.2",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Storage 6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.0",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.1",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.0",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "HPE Helion Openstack 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP2-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.0",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1-BCL",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.1",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Legacy Software 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP2-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.1",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Realtime Extension 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud Crowbar 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 11-EXTRA",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2016-10905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10905"
    },
    {
      "name": "CVE-2020-12770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12770"
    },
    {
      "name": "CVE-2022-0644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0644"
    },
    {
      "name": "CVE-2021-45095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45095"
    },
    {
      "name": "CVE-2022-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0002"
    },
    {
      "name": "CVE-2022-0487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0487"
    },
    {
      "name": "CVE-2021-3753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
    },
    {
      "name": "CVE-2022-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
    },
    {
      "name": "CVE-2022-0516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0516"
    },
    {
      "name": "CVE-2020-27820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27820"
    },
    {
      "name": "CVE-2022-25258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25258"
    },
    {
      "name": "CVE-2022-24958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24958"
    },
    {
      "name": "CVE-2021-4155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
    },
    {
      "name": "CVE-2022-24448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
    },
    {
      "name": "CVE-2022-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0001"
    },
    {
      "name": "CVE-2022-0492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
    },
    {
      "name": "CVE-2021-0920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
    },
    {
      "name": "CVE-2022-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
    },
    {
      "name": "CVE-2022-25375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25375"
    },
    {
      "name": "CVE-2019-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0136"
    },
    {
      "name": "CVE-2022-24959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24959"
    }
  ],
  "initial_release_date": "2022-03-10T00:00:00",
  "last_revision_date": "2022-03-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-229",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-03-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nun contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220766-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220766-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220757-1 du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220757-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220762-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220762-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220761-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220761-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 202214905-1 du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-202214905-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220760-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220760-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220755-1 du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220755-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220767-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220767-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220765-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220765-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220763-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220763-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220768-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220768-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220764-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220764-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220756-1 du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE 20220759-1/ du 08 mars 2022",
      "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220759-1/"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2024-26601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26601"
    },
    {
      "name": "CVE-2024-1085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1085"
    },
    {
      "name": "CVE-2023-52436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52436"
    },
    {
      "name": "CVE-2023-52448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
    },
    {
      "name": "CVE-2023-52456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52456"
    },
    {
      "name": "CVE-2023-46838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46838"
    },
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2023-5633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
    },
    {
      "name": "CVE-2023-51782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51782"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2024-26589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26589"
    },
    {
      "name": "CVE-2024-0646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
    },
    {
      "name": "CVE-2023-52593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
    },
    {
      "name": "CVE-2024-26597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26597"
    },
    {
      "name": "CVE-2023-46343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46343"
    },
    {
      "name": "CVE-2023-52454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52454"
    },
    {
      "name": "CVE-2023-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
    },
    {
      "name": "CVE-2024-26627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
    },
    {
      "name": "CVE-2024-26581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26581"
    },
    {
      "name": "CVE-2023-52600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52600"
    },
    {
      "name": "CVE-2023-52587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
    },
    {
      "name": "CVE-2023-51779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
    },
    {
      "name": "CVE-2023-6817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6817"
    },
    {
      "name": "CVE-2023-52605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52605"
    },
    {
      "name": "CVE-2024-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0193"
    },
    {
      "name": "CVE-2023-52604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
    },
    {
      "name": "CVE-2023-52601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
    },
    {
      "name": "CVE-2024-26598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
    },
    {
      "name": "CVE-2023-52603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52603"
    },
    {
      "name": "CVE-2024-26628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26628"
    },
    {
      "name": "CVE-2023-52462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2023-52584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52584"
    },
    {
      "name": "CVE-2024-26625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
    },
    {
      "name": "CVE-2023-52451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
    },
    {
      "name": "CVE-2024-0607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0607"
    },
    {
      "name": "CVE-2024-26599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26599"
    },
    {
      "name": "CVE-2024-26592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26592"
    },
    {
      "name": "CVE-2023-52589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52589"
    },
    {
      "name": "CVE-2024-24860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24860"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2023-52438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52438"
    },
    {
      "name": "CVE-2023-52439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
    },
    {
      "name": "CVE-2023-52470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
    },
    {
      "name": "CVE-2023-46862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46862"
    },
    {
      "name": "CVE-2023-52583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
    },
    {
      "name": "CVE-2023-52602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
    },
    {
      "name": "CVE-2024-26588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26588"
    },
    {
      "name": "CVE-2023-52445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
    },
    {
      "name": "CVE-2024-26624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26624"
    },
    {
      "name": "CVE-2023-51780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
    },
    {
      "name": "CVE-2024-26594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26594"
    },
    {
      "name": "CVE-2023-50431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50431"
    },
    {
      "name": "CVE-2023-22995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22995"
    },
    {
      "name": "CVE-2023-52458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52458"
    },
    {
      "name": "CVE-2023-52588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52588"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2023-6932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2024-26591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26591"
    },
    {
      "name": "CVE-2023-52447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52447"
    },
    {
      "name": "CVE-2023-52464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-7192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
    },
    {
      "name": "CVE-2023-52597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
    },
    {
      "name": "CVE-2023-4134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4134"
    },
    {
      "name": "CVE-2024-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
    },
    {
      "name": "CVE-2023-52463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
    },
    {
      "name": "CVE-2023-52467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
    },
    {
      "name": "CVE-2024-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
    },
    {
      "name": "CVE-2023-52443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52443"
    },
    {
      "name": "CVE-2023-6121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2024-23849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23849"
    },
    {
      "name": "CVE-2023-6610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
    },
    {
      "name": "CVE-2023-52457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52457"
    },
    {
      "name": "CVE-2023-52449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52449"
    },
    {
      "name": "CVE-2023-52444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52444"
    }
  ],
  "initial_release_date": "2024-03-15T00:00:00",
  "last_revision_date": "2024-03-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0226",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-03-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nune \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6681-3 du 13 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6681-3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6688-1 du 11 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6688-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6686-2 du 13 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6686-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu LSN-0101-1 du 12 mars 2024",
      "url": "https://ubuntu.com/security/notices/LSN-0101-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6681-2 du 11 mars 2024",
      "url": "https://ubuntu.com/security/notices/USN-6681-2"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 18.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 21.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
    },
    {
      "name": "CVE-2022-28356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28356"
    },
    {
      "name": "CVE-2022-1016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
    },
    {
      "name": "CVE-2022-1015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1015"
    },
    {
      "name": "CVE-2022-26966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26966"
    },
    {
      "name": "CVE-2022-0854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
    },
    {
      "name": "CVE-2022-1048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1048"
    },
    {
      "name": "CVE-2022-0494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0494"
    },
    {
      "name": "CVE-2022-27223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27223"
    },
    {
      "name": "CVE-2022-1011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1011"
    },
    {
      "name": "CVE-2022-26878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26878"
    },
    {
      "name": "CVE-2022-24958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24958"
    },
    {
      "name": "CVE-2021-43976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
    },
    {
      "name": "CVE-2022-26490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
    },
    {
      "name": "CVE-2022-24448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
    },
    {
      "name": "CVE-2022-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0617"
    },
    {
      "name": "CVE-2022-24959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24959"
    }
  ],
  "initial_release_date": "2022-04-21T00:00:00",
  "last_revision_date": "2022-04-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-375",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5381-1 du 20 avril 2022",
      "url": "https://ubuntu.com/security/notices/USN-5381-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5383-1 du 20 avril 2022",
      "url": "https://ubuntu.com/security/notices/USN-5383-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5384-1 du 20 avril 2022",
      "url": "https://ubuntu.com/security/notices/USN-5384-1"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).\n- CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864).\n\nThe following non-security bugs were fixed:\n\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- EDAC/altera: Fix deferred probing (bsc#1178134).\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- Hand over the maintainership to SLE15-SP3 maintainers\n- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).\n- IB/hfi1: Fix early init panic (git-fixes).\n- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).\n- IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- RDMA/bnxt_re: Scan the whole bitmap when checking if \u0027disabling RCFW with pending cmd-bit\u0027 (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147).\n- RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes).\n- RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes).\n- RDMA/core: Do not infoleak GRH fields (git-fixes).\n- RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes).\n- RDMA/cxgb4: Set queue pair state when being queried (git-fixes).\n- RDMA/hns: Validate the pkey index (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).\n- RDMA/rxe: Fix a typo in opcode name (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).\n- RDMA/uverbs: Remove the unnecessary assignment (git-fixes).\n- Revert \u0027USB: serial: ch341: add new Product ID for CH341A\u0027 (git-fixes).\n- SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).\n- USB: gadget: validate endpoint index for xilinx udc (git-fixes).\n- USB: gadget: validate interface OS descriptor requests (git-fixes).\n- USB: hub: Clean up use of port initialization schemes and retries (git-fixes).\n- USB: serial: option: add Telit LE910R1 compositions (git-fixes).\n- USB: serial: option: add support for DW5829e (git-fixes).\n- USB: zaurus: support another broken Zaurus (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- asix: fix uninit-value in asix_mdio_read() (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787).\n- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- cpufreq: schedutil: Use kobject release() method to free (git-fixes)\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278).\n- dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).\n- drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).\n- drm/i915: Nuke not needed members of dram_info (bsc#1195211).\n- drm/i915: Remove memory frequency calculation (bsc#1195211).\n- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).\n- exfat: fix incorrect loading of i_blocks for large files (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gtp: remove useless rcu_read_lock() (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- iavf: Fix missing check for running netdev (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (jsc#SLE-12878).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP \u0026 AIN_BUFM bits (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- mac80211: fix forwarded mesh frames AC \u0026 queue selection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mask out added spinlock in rndis_params (git-fixes).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5e: Fix modify header actions memory leak (git-fixes).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172).\n- net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172).\n- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes).\n- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes).\n- net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: sfc: Replace in_interrupt() usage (git-fixes).\n- net: tipc: validate domain record count on input (bsc#1195254).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447).\n- netsec: ignore \u0027phy-mode\u0027 device property on ACPI systems (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). Update config files.\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449).\n- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).\n- powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278).\n- sched/core: Mitigate race (git-fixes)\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: smartpqi: Add PCI IDs (bsc#1196627).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- usb: dwc2: use well defined macros for power_down (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).\n- vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-SLE-15.3-2022-1037",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_1037-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2022:1037-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YVOKHN5NCU57OGTEBU36WJRTWHRBUST7/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2022:1037-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YVOKHN5NCU57OGTEBU36WJRTWHRBUST7/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176447",
        "url": "https://bugzilla.suse.com/1176447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176774",
        "url": "https://bugzilla.suse.com/1176774"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1178134",
        "url": "https://bugzilla.suse.com/1178134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181147",
        "url": "https://bugzilla.suse.com/1181147"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191428",
        "url": "https://bugzilla.suse.com/1191428"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192273",
        "url": "https://bugzilla.suse.com/1192273"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193731",
        "url": "https://bugzilla.suse.com/1193731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193864",
        "url": "https://bugzilla.suse.com/1193864"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194463",
        "url": "https://bugzilla.suse.com/1194463"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195211",
        "url": "https://bugzilla.suse.com/1195211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195254",
        "url": "https://bugzilla.suse.com/1195254"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195403",
        "url": "https://bugzilla.suse.com/1195403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195905",
        "url": "https://bugzilla.suse.com/1195905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195939",
        "url": "https://bugzilla.suse.com/1195939"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196132",
        "url": "https://bugzilla.suse.com/1196132"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196299",
        "url": "https://bugzilla.suse.com/1196299"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196301",
        "url": "https://bugzilla.suse.com/1196301"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196433",
        "url": "https://bugzilla.suse.com/1196433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196468",
        "url": "https://bugzilla.suse.com/1196468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196472",
        "url": "https://bugzilla.suse.com/1196472"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196627",
        "url": "https://bugzilla.suse.com/1196627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39657 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39657/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25636 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-30T07:37:00Z",
      "generator": {
        "date": "2022-03-30T07:37:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2022:1037-1",
      "initial_release_date": "2022-03-30T07:37:00Z",
      "revision_history": [
        {
          "date": "2022-03-30T07:37:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
                "product": {
                  "name": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
                  "product_id": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-azure-5.3.18-150300.38.50.1.noarch",
                "product": {
                  "name": "kernel-source-azure-5.3.18-150300.38.50.1.noarch",
                  "product_id": "kernel-source-azure-5.3.18-150300.38.50.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64",
                  "product_id": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch"
        },
        "product_reference": "kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-azure-5.3.18-150300.38.50.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch"
        },
        "product_reference": "kernel-source-azure-5.3.18-150300.38.50.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2021-39657",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39657"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39657",
          "url": "https://www.suse.com/security/cve/CVE-2021-39657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193864 for CVE-2021-39657",
          "url": "https://bugzilla.suse.com/1193864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2021-39657"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25636",
          "url": "https://www.suse.com/security/cve/CVE-2022-25636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196299 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196301 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196301"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25636"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
          "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.50.1.noarch",
            "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.50.1.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.50.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:37:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-\u003ebuf release (bsc#1195905).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).\n- CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864).\n- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from heap memory via crafted frame lengths from a device (bsc#1196836).\n- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)\n- CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130).\n- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488)\n\nThe following non-security bugs were fixed:\n\n- ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).\n- ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes).\n- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).\n- ASoC: cs4265: Fix the duplicated control name (git-fixes).\n- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes).\n- ASoC: rt5668: do not block workqueue if card is unbound (git-fixes).\n- ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).\n- Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779).\n- EDAC/altera: Fix deferred probing (bsc#1178134).\n- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134).\n- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).\n- HID: add mapping for KEY_DICTATE (git-fixes).\n- Hand over the maintainership to SLE15-SP3 maintainers\n- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).\n- IB/hfi1: Fix early init panic (git-fixes).\n- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).\n- IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes).\n- IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).\n- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).\n- Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes).\n- Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes).\n- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).\n- RDMA/bnxt_re: Scan the whole bitmap when checking if \u0027disabling RCFW with pending cmd-bit\u0027 (git-fixes).\n- RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147).\n- RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes).\n- RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes).\n- RDMA/core: Do not infoleak GRH fields (git-fixes).\n- RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes).\n- RDMA/cxgb4: Set queue pair state when being queried (git-fixes).\n- RDMA/hns: Validate the pkey index (git-fixes).\n- RDMA/ib_srp: Fix a deadlock (git-fixes).\n- RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes).\n- RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).\n- RDMA/rxe: Fix a typo in opcode name (git-fixes).\n- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).\n- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).\n- RDMA/uverbs: Remove the unnecessary assignment (git-fixes).\n- Revert \u0027USB: serial: ch341: add new Product ID for CH341A\u0027 (git-fixes).\n- SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).\n- USB: gadget: validate endpoint index for xilinx udc (git-fixes).\n- USB: gadget: validate interface OS descriptor requests (git-fixes).\n- USB: hub: Clean up use of port initialization schemes and retries (git-fixes).\n- USB: serial: option: add Telit LE910R1 compositions (git-fixes).\n- USB: serial: option: add support for DW5829e (git-fixes).\n- USB: zaurus: support another broken Zaurus (git-fixes).\n- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).\n- asix: fix uninit-value in asix_mdio_read() (git-fixes).\n- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).\n- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).\n- batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).\n- batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).\n- batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).\n- blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787).\n- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).\n- bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes).\n- bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).\n- bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).\n- bonding: force carrier update when releasing slave (git-fixes).\n- build initrd without systemd This reduces the size of the initrd by over 25%, which improves startup time of the virtual machine by 0.5-0.6s on very fast machines, more on slower ones.\n- can: gs_usb: change active_channels\u0027s type from atomic_t to u8 (git-fixes).\n- cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).\n- cgroup/cpuset: Fix \u0027suspicious RCU usage\u0027 lockdep warning (bsc#1196868).\n- clk: jz4725b: fix mmc0 clock gating (git-fixes).\n- constraints: Also adjust disk requirement for x86 and s390.\n- constraints: Increase disk space for aarch64\n- cpufreq: schedutil: Use kobject release() method to free (git-fixes)\n- cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866).\n- cputime, cpuacct: Include guest time in user time in (git-fixes)\n- dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278).\n- dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278).\n- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).\n- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).\n- drm/edid: Always set RGB444 (git-fixes).\n- drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).\n- drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).\n- drm/i915: Nuke not needed members of dram_info (bsc#1195211).\n- drm/i915: Remove memory frequency calculation (bsc#1195211).\n- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).\n- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).\n- efivars: Respect \u0027block\u0027 flag in efivar_entry_set_safe() (git-fixes).\n- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).\n- exfat: fix incorrect loading of i_blocks for large files (git-fixes).\n- firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).\n- fix rpm build warning tumbleweed rpm is adding these warnings to the log: It\u0027s not recommended to have unversioned Obsoletes: Obsoletes:   microcode_ctl\n- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).\n- gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).\n- gpio: tegra186: Fix chip_data type confusion (git-fixes).\n- gpio: ts4900: Do not set DAT and OE together (git-fixes).\n- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).\n- gtp: remove useless rcu_read_lock() (git-fixes).\n- hamradio: fix macro redefine warning (git-fixes).\n- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).\n- iavf: Fix missing check for running netdev (git-fixes).\n- ice: initialize local variable \u0027tlv\u0027 (jsc#SLE-12878).\n- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).\n- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).\n- iio: Fix error handling for PM (git-fixes).\n- iio: adc: ad7124: fix mask used for setting AIN_BUFP \u0026 AIN_BUFM bits (git-fixes).\n- iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes).\n- ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes).\n- kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr directory (bsc#1195051).\n- kernel-binary.spec: Also exclude the kernel signing key from devel package. There is a check in OBS that fails when it is included. Also the key is not reproducible. Fixes: bb988d4625a3 (\u0027kernel-binary: Do not include sourcedir in certificate path.\u0027)\n- kernel-binary.spec: Do not use the default certificate path (bsc#1194943). Using the the default path is broken since Linux 5.17\n- kernel-binary: Do not include sourcedir in certificate path. The certs macro runs before build directory is set up so it creates the aggregate of supplied certificates in the source directory. Using this file directly as the certificate in kernel config works but embeds the source directory path in the kernel config. To avoid this symlink the certificate to the build directory and use relative path to refer to it. Also fabricate a certificate in the same location in build directory when none is provided.\n- kernel-obs-build: include 9p (boo#1195353) To be able to share files between host and the qemu vm of the build script, the 9p and 9p_virtio kernel modules need to be included in the initrd of kernel-obs-build.\n- mac80211: fix forwarded mesh frames AC \u0026 queue selection (git-fixes).\n- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).\n- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).\n- mask out added spinlock in rndis_params (git-fixes).\n- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).\n- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5e: Fix modify header actions memory leak (git-fixes).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes).\n- net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).\n- net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).\n- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172).\n- net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172).\n- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes).\n- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes).\n- net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).\n- net: sfc: Replace in_interrupt() usage (git-fixes).\n- net: tipc: validate domain record count on input (bsc#1195254).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447).\n- netsec: ignore \u0027phy-mode\u0027 device property on ACPI systems (git-fixes).\n- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes).\n- nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).\n- ntb: intel: fix port config status offset for SPR (git-fixes).\n- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).\n- nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes).\n- nvme: fix a possible use-after-free in controller reset during load (git-fixes).\n- powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). Update config files.\n- powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038).\n- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449).\n- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).\n- powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278).\n- rpm/*.spec.in: Use https:// urls\n- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.\n- rpm/check-for-config-changes: Ignore PAHOLE_VERSION.\n- rpm/kernel-docs.spec.in: use %%license for license declarations Limited to SLE15+ to avoid compatibility nightmares.\n- rpm/kernel-source.spec.in: call fdupes per subpackage It is a waste of time to do a global fdupes when we have subpackages.\n- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.\n- sched/core: Mitigate race (git-fixes)\n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes).\n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).\n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes).\n- scsi: nsp_cs: Check of ioremap return value (git-fixes).\n- scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).\n- scsi: smartpqi: Add PCI IDs (bsc#1196627).\n- scsi: ufs: Fix race conditions related to driver data (git-fixes).\n- selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).\n- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes).\n- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).\n- soc: fsl: qe: Check of ioremap return value (git-fixes).\n- spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes).\n- sr9700: sanity check for packet length (bsc#1196836).\n- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).\n- tracing: Fix return value of __setup handlers (git-fixes).\n- tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).\n- tty: n_gsm: fix proper link termination after failed open (git-fixes).\n- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).\n- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).\n- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).\n- usb: dwc2: use well defined macros for power_down (git-fixes).\n- usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes).\n- usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes).\n- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).\n- usb: gadget: rndis: add spinlock for rndis response list (git-fixes).\n- usb: host: xen-hcd: add missing unlock in error path (git-fixes).\n- usb: hub: Fix locking issues with address0_mutex (git-fixes).\n- usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).\n- vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes).\n- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).\n- xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).\n- xhci: re-initialize the HC during resume if HCE was set (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-SLE-15.3-2022-1039,openSUSE-SLE-15.4-2022-1039",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_1039-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2022:1039-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XWMVMDEM47CT6AQ4RWZEZZJSH2G2J4CV/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2022:1039-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XWMVMDEM47CT6AQ4RWZEZZJSH2G2J4CV/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176447",
        "url": "https://bugzilla.suse.com/1176447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1176774",
        "url": "https://bugzilla.suse.com/1176774"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1178134",
        "url": "https://bugzilla.suse.com/1178134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179439",
        "url": "https://bugzilla.suse.com/1179439"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181147",
        "url": "https://bugzilla.suse.com/1181147"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191428",
        "url": "https://bugzilla.suse.com/1191428"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192273",
        "url": "https://bugzilla.suse.com/1192273"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193731",
        "url": "https://bugzilla.suse.com/1193731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193787",
        "url": "https://bugzilla.suse.com/1193787"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193864",
        "url": "https://bugzilla.suse.com/1193864"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194463",
        "url": "https://bugzilla.suse.com/1194463"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194943",
        "url": "https://bugzilla.suse.com/1194943"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195051",
        "url": "https://bugzilla.suse.com/1195051"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195211",
        "url": "https://bugzilla.suse.com/1195211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195254",
        "url": "https://bugzilla.suse.com/1195254"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195353",
        "url": "https://bugzilla.suse.com/1195353"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195403",
        "url": "https://bugzilla.suse.com/1195403"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195905",
        "url": "https://bugzilla.suse.com/1195905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195939",
        "url": "https://bugzilla.suse.com/1195939"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196095",
        "url": "https://bugzilla.suse.com/1196095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196130",
        "url": "https://bugzilla.suse.com/1196130"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196132",
        "url": "https://bugzilla.suse.com/1196132"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196299",
        "url": "https://bugzilla.suse.com/1196299"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196301",
        "url": "https://bugzilla.suse.com/1196301"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196433",
        "url": "https://bugzilla.suse.com/1196433"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196468",
        "url": "https://bugzilla.suse.com/1196468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196472",
        "url": "https://bugzilla.suse.com/1196472"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196488",
        "url": "https://bugzilla.suse.com/1196488"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196627",
        "url": "https://bugzilla.suse.com/1196627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196723",
        "url": "https://bugzilla.suse.com/1196723"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196779",
        "url": "https://bugzilla.suse.com/1196779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196830",
        "url": "https://bugzilla.suse.com/1196830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196836",
        "url": "https://bugzilla.suse.com/1196836"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196866",
        "url": "https://bugzilla.suse.com/1196866"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196868",
        "url": "https://bugzilla.suse.com/1196868"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196956",
        "url": "https://bugzilla.suse.com/1196956"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196959",
        "url": "https://bugzilla.suse.com/1196959"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-0920 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-0920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39657 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39657/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39698 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39698/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-45402 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-45402/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23036 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23036/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23037 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23037/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23038 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23038/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23039 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23039/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23040 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23040/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23041 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23041/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23042 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23042/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24958 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25258 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25636 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26490 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26966 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26966/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-30T07:38:27Z",
      "generator": {
        "date": "2022-03-30T07:38:27Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2022:1039-1",
      "initial_release_date": "2022-03-30T07:38:27Z",
      "revision_history": [
        {
          "date": "2022-03-30T07:38:27Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-al-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-al-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-al-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-altera-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-altera-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-altera-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amd-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-amd-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-amd-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-apm-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-apm-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-apm-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-arm-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-arm-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-arm-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-cavium-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-cavium-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-cavium-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-exynos-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-exynos-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-exynos-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-freescale-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-freescale-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-freescale-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-lg-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-lg-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-lg-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-marvell-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-marvell-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-marvell-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-qcom-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-qcom-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-qcom-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-renesas-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-renesas-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-renesas-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-socionext-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-socionext-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-socionext-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-sprd-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-sprd-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-sprd-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-zte-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "dtb-zte-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "dtb-zte-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                "product": {
                  "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
                  "product_id": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-devel-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-devel-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-docs-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-docs-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-docs-html-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-docs-html-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-macros-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-macros-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-source-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-source-5.3.18-150300.59.60.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
                "product": {
                  "name": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
                  "product_id": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-debug-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-debug-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-debug-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-debug-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                "product": {
                  "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                  "product_id": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
                  "product_id": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kernel-syms-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kernel-syms-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                "product": {
                  "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
                  "product_id": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-al-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-al-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-altera-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-altera-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-amd-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-amd-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-apm-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-apm-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-arm-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-arm-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-cavium-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-cavium-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-exynos-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-exynos-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-freescale-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-freescale-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-lg-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-lg-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-marvell-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-marvell-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-qcom-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-qcom-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-renesas-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-renesas-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-socionext-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-socionext-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-sprd-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-sprd-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dtb-zte-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "dtb-zte-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-debug-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-debug-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
        },
        "product_reference": "kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64"
        },
        "product_reference": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le"
        },
        "product_reference": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x"
        },
        "product_reference": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64"
        },
        "product_reference": "kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-extra-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-default-optional-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.3.18-150300.59.60.4.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-devel-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.3.18-150300.59.60.4.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-docs-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-html-5.3.18-150300.59.60.4.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-docs-html-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.3.18-150300.59.60.4.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-macros-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.3.18-150300.59.60.4.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-source-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch"
        },
        "product_reference": "kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kernel-syms-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64"
        },
        "product_reference": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        },
        "product_reference": "reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-0920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-0920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-0920",
          "url": "https://www.suse.com/security/cve/CVE-2021-0920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193731 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1193731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194463 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1194463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195939 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1195939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2021-0920",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-0920"
    },
    {
      "cve": "CVE-2021-39657",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39657"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39657",
          "url": "https://www.suse.com/security/cve/CVE-2021-39657"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1193864 for CVE-2021-39657",
          "url": "https://bugzilla.suse.com/1193864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "low"
        }
      ],
      "title": "CVE-2021-39657"
    },
    {
      "cve": "CVE-2021-39698",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39698"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39698",
          "url": "https://www.suse.com/security/cve/CVE-2021-39698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196956 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196959 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1196959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209225 for CVE-2021-39698",
          "url": "https://bugzilla.suse.com/1209225"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39698"
    },
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45402",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-45402"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-45402",
          "url": "https://www.suse.com/security/cve/CVE-2021-45402"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196130 for CVE-2021-45402",
          "url": "https://bugzilla.suse.com/1196130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-45402"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-23036",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23036"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23036",
          "url": "https://www.suse.com/security/cve/CVE-2022-23036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23036",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23036"
    },
    {
      "cve": "CVE-2022-23037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23037",
          "url": "https://www.suse.com/security/cve/CVE-2022-23037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23037",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23037"
    },
    {
      "cve": "CVE-2022-23038",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23038"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23038",
          "url": "https://www.suse.com/security/cve/CVE-2022-23038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23038",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23038"
    },
    {
      "cve": "CVE-2022-23039",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23039"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23039",
          "url": "https://www.suse.com/security/cve/CVE-2022-23039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23039",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23039"
    },
    {
      "cve": "CVE-2022-23040",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23040"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23040",
          "url": "https://www.suse.com/security/cve/CVE-2022-23040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23040",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23040"
    },
    {
      "cve": "CVE-2022-23041",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23041"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23041",
          "url": "https://www.suse.com/security/cve/CVE-2022-23041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23041",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23041"
    },
    {
      "cve": "CVE-2022-23042",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23042"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn\u0027t check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23042",
          "url": "https://www.suse.com/security/cve/CVE-2022-23042"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196488 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1196488"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199099 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199141 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1199141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204132 for CVE-2022-23042",
          "url": "https://bugzilla.suse.com/1204132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-23042"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-\u003ebuf release.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24958",
          "url": "https://www.suse.com/security/cve/CVE-2022-24958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195905 for CVE-2022-24958",
          "url": "https://bugzilla.suse.com/1195905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24958"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    },
    {
      "cve": "CVE-2022-25258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25258",
          "url": "https://www.suse.com/security/cve/CVE-2022-25258"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196095 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196132 for CVE-2022-25258",
          "url": "https://bugzilla.suse.com/1196132"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25258"
    },
    {
      "cve": "CVE-2022-25636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25636",
          "url": "https://www.suse.com/security/cve/CVE-2022-25636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196299 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196301 for CVE-2022-25636",
          "url": "https://bugzilla.suse.com/1196301"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25636"
    },
    {
      "cve": "CVE-2022-26490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26490",
          "url": "https://www.suse.com/security/cve/CVE-2022-26490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196830 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1196830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201656 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201656"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201969 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1201969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211495 for CVE-2022-26490",
          "url": "https://bugzilla.suse.com/1211495"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-26490"
    },
    {
      "cve": "CVE-2022-26966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
          "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
          "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
          "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26966",
          "url": "https://www.suse.com/security/cve/CVE-2022-26966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196836 for CVE-2022-26966",
          "url": "https://bugzilla.suse.com/1196836"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.aarch64",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.ppc64le",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.s390x",
            "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.60.4.150300.18.37.5.x86_64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.60.4.noarch",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.ppc64le",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.s390x",
            "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.60.4.x86_64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64",
            "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-30T07:38:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26966"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\n\nTransient execution side-channel attacks attacking the Branch History Buffer (BHB),\nnamed \u0027Branch Target Injection\u0027 and \u0027Intra-Mode Branch History Injection\u0027 are now mitigated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).\n- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).\n- CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n\n\nThe following non-security bugs were fixed:\n\n- crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).\n- lib/iov_iter: initialize \u0027flags\u0027 in new pipe_buffer (bsc#1196584).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-SLE-15.3-2022-768,openSUSE-SLE-15.4-2022-768",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0768-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2022:0768-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MWGLT5YBYSSX5MP2JBKT3N3QV2IWMC5F/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2022:0768-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MWGLT5YBYSSX5MP2JBKT3N3QV2IWMC5F/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185973",
        "url": "https://bugzilla.suse.com/1185973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1191580",
        "url": "https://bugzilla.suse.com/1191580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1194516",
        "url": "https://bugzilla.suse.com/1194516"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195536",
        "url": "https://bugzilla.suse.com/1195536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195543",
        "url": "https://bugzilla.suse.com/1195543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195612",
        "url": "https://bugzilla.suse.com/1195612"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195840",
        "url": "https://bugzilla.suse.com/1195840"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195897",
        "url": "https://bugzilla.suse.com/1195897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195908",
        "url": "https://bugzilla.suse.com/1195908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195949",
        "url": "https://bugzilla.suse.com/1195949"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1195987",
        "url": "https://bugzilla.suse.com/1195987"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196079",
        "url": "https://bugzilla.suse.com/1196079"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196155",
        "url": "https://bugzilla.suse.com/1196155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196584",
        "url": "https://bugzilla.suse.com/1196584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1196612",
        "url": "https://bugzilla.suse.com/1196612"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-44879 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-44879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0001 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0002 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0487 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0492 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0617 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0644 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0644/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-0847 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-0847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24448 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24448/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24959 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24959/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2022-03-09T09:09:29Z",
      "generator": {
        "date": "2022-03-09T09:09:29Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2022:0768-1",
      "initial_release_date": "2022-03-09T09:09:29Z",
      "revision_history": [
        {
          "date": "2022-03-09T09:09:29Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-debug-base-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-debug-base-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-man-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-default-man-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-default-man-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x",
                  "product_id": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-debug-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-debug-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-debug-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-base-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
                  "product_id": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-base-4.12.14-197.108.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-debug-base-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-base-4.12.14-197.108.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-debug-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-197.108.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-4.12.14-197.108.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-vanilla-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-4.12.14-197.108.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-4.12.14-197.108.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-vanilla-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-4.12.14-197.108.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-vanilla-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-197.108.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-197.108.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-197.108.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-devel-4.12.14-197.108.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-vanilla-devel-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64"
        },
        "product_reference": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64"
        },
        "product_reference": "kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        },
        "product_reference": "kernel-zfcpdump-man-4.12.14-197.108.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-44879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-44879",
          "url": "https://www.suse.com/security/cve/CVE-2021-44879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195987 for CVE-2021-44879",
          "url": "https://bugzilla.suse.com/1195987"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0001",
          "url": "https://www.suse.com/security/cve/CVE-2022-0001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0001",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0001"
    },
    {
      "cve": "CVE-2022-0002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0002",
          "url": "https://www.suse.com/security/cve/CVE-2022-0002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191580 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1191580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196901 for CVE-2022-0002",
          "url": "https://bugzilla.suse.com/1196901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0002"
    },
    {
      "cve": "CVE-2022-0487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0487",
          "url": "https://www.suse.com/security/cve/CVE-2022-0487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194516 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1194516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195949 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1195949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0487",
          "url": "https://bugzilla.suse.com/1198615"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0487"
    },
    {
      "cve": "CVE-2022-0492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in the Linux kernel\u0027s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0492",
          "url": "https://www.suse.com/security/cve/CVE-2022-0492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195543 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195908 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1195908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196612 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196612"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196776 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1196776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1198615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199255 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199255"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199615 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1199615"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200084 for CVE-2022-0492",
          "url": "https://bugzilla.suse.com/1200084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0492"
    },
    {
      "cve": "CVE-2022-0617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0617",
          "url": "https://www.suse.com/security/cve/CVE-2022-0617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196079 for CVE-2022-0617",
          "url": "https://bugzilla.suse.com/1196079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0617"
    },
    {
      "cve": "CVE-2022-0644",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0644"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0644",
          "url": "https://www.suse.com/security/cve/CVE-2022-0644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196155 for CVE-2022-0644",
          "url": "https://bugzilla.suse.com/1196155"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-0644"
    },
    {
      "cve": "CVE-2022-0847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-0847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-0847",
          "url": "https://www.suse.com/security/cve/CVE-2022-0847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196584 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196584"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196601 for CVE-2022-0847",
          "url": "https://bugzilla.suse.com/1196601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-0847"
    },
    {
      "cve": "CVE-2022-24448",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24448"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24448",
          "url": "https://www.suse.com/security/cve/CVE-2022-24448"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195612 for CVE-2022-24448",
          "url": "https://bugzilla.suse.com/1195612"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-24959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
          "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
          "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24959",
          "url": "https://www.suse.com/security/cve/CVE-2022-24959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1195897 for CVE-2022-24959",
          "url": "https://bugzilla.suse.com/1195897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-debug-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-default-man-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-kvmsmall-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-base-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x",
            "openSUSE Leap 15.3:kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64",
            "openSUSE Leap 15.3:kernel-zfcpdump-man-4.12.14-197.108.1.s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-03-09T09:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24959"
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "SINEC OS before V3.1 contains third-party components with multiple vulnerabilities.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-613116 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json"
      },
      {
        "category": "self",
        "summary": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-25-226-15 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-226-15.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-25-226-15 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SINEC OS",
    "tracking": {
      "current_release_date": "2025-08-12T00:00:00.000000Z",
      "generator": {
        "date": "2025-08-14T20:56:37.978177Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-25-226-15",
      "initial_release_date": "2025-08-12T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2025-08-12T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c3.1",
                "product": {
                  "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK6242-6PA00"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c3.1",
                "product": {
                  "name": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c3.1",
                "product": {
                  "name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-48935",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: unregister flowtable hooks on netns exit",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2022-48935"
    },
    {
      "cve": "CVE-2023-3567",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-3567"
    },
    {
      "cve": "CVE-2023-5178",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-5178"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-6040",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-6040"
    },
    {
      "cve": "CVE-2023-6121",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6606",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-6606"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-35827",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-35827"
    },
    {
      "cve": "CVE-2023-39198",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-39198"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-46343",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-46343"
    },
    {
      "cve": "CVE-2023-51779",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-51779"
    },
    {
      "cve": "CVE-2023-51780",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-51780"
    },
    {
      "cve": "CVE-2023-51781",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-51781"
    },
    {
      "cve": "CVE-2023-51782",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-51782"
    },
    {
      "cve": "CVE-2023-52340",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52340"
    },
    {
      "cve": "CVE-2023-52433",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_set_rbtree: skip sync GC for new elements in this transaction",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52433"
    },
    {
      "cve": "CVE-2023-52435",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: prevent mss overflow in skb_segment()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52435"
    },
    {
      "cve": "CVE-2023-52475",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: powermate - fix use-after-free in powermate_config_complete",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52475"
    },
    {
      "cve": "CVE-2023-52477",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: hub: Guard against accesses to uninitialized BOS descriptors",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52477"
    },
    {
      "cve": "CVE-2023-52478",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nHID: logitech-hidpp: Fix kernel crash on receiver USB disconnect",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52478"
    },
    {
      "cve": "CVE-2023-52486",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm: Don\u0027t unref the same fb many times by mistake due to deadlock handling",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52486"
    },
    {
      "cve": "CVE-2023-52502",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52502"
    },
    {
      "cve": "CVE-2023-52504",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/alternatives: Disable KASAN in apply_alternatives()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52504"
    },
    {
      "cve": "CVE-2023-52507",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: assert requested protocol is valid",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52507"
    },
    {
      "cve": "CVE-2023-52509",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nravb: Fix use-after-free issue in ravb_tx_timeout_work()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52509"
    },
    {
      "cve": "CVE-2023-52510",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nieee802154: ca8210: Fix a potential UAF in ca8210_probe",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52510"
    },
    {
      "cve": "CVE-2023-52581",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: fix memleak when more than 255 elements expired",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52581"
    },
    {
      "cve": "CVE-2023-52583",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nceph: fix deadlock or deadcode of misusing dget()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52583"
    },
    {
      "cve": "CVE-2023-52587",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/ipoib: Fix mcast list locking",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52587"
    },
    {
      "cve": "CVE-2023-52594",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52594"
    },
    {
      "cve": "CVE-2023-52595",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: rt2x00: restart beacon queue when hardware reset",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52595"
    },
    {
      "cve": "CVE-2023-52597",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nKVM: s390: fix setting of fpc register",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52597"
    },
    {
      "cve": "CVE-2023-52598",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ns390/ptrace: handle setting of fpc register correctly",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52598"
    },
    {
      "cve": "CVE-2023-52599",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in diNewExt",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52599"
    },
    {
      "cve": "CVE-2023-52600",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix uaf in jfs_evict_inode",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52600"
    },
    {
      "cve": "CVE-2023-52601",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in dbAdjTree",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52601"
    },
    {
      "cve": "CVE-2023-52602",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix slab-out-of-bounds Read in dtSearch",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52602"
    },
    {
      "cve": "CVE-2023-52603",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nUBSAN: array-index-out-of-bounds in dtSplitRoot",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52603"
    },
    {
      "cve": "CVE-2023-52604",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nFS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52604"
    },
    {
      "cve": "CVE-2023-52606",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npowerpc/lib: Validate size for vector operations",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52606"
    },
    {
      "cve": "CVE-2023-52607",
      "cwe": {
        "id": "CWE-395",
        "name": "Use of NullPointerException Catch to Detect NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52607"
    },
    {
      "cve": "CVE-2023-52615",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhwrng: core - Fix page fault dead lock on mmap-ed hwrng",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52615"
    },
    {
      "cve": "CVE-2023-52617",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nPCI: switchtec: Fix stdev_release() crash after surprise hot remove",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52617"
    },
    {
      "cve": "CVE-2023-52619",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npstore/ram: Fix crash when setting number of cpus to an odd number",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52619"
    },
    {
      "cve": "CVE-2023-52622",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52622"
    },
    {
      "cve": "CVE-2023-52623",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nSUNRPC: Fix a suspicious RCU usage warning",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52623"
    },
    {
      "cve": "CVE-2023-52637",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncan: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52637"
    },
    {
      "cve": "CVE-2023-52654",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nio_uring/af_unix: disable sending io_uring over sockets",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52654"
    },
    {
      "cve": "CVE-2023-52655",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: aqc111: check packet for fixup for true limit",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52655"
    },
    {
      "cve": "CVE-2023-52670",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nrpmsg: virtio: Free driver_override when rpmsg_remove()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52670"
    },
    {
      "cve": "CVE-2023-52753",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Avoid NULL dereference of timing generator",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52753"
    },
    {
      "cve": "CVE-2023-52764",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52764"
    },
    {
      "cve": "CVE-2023-52774",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ns390/dasd: protect device queue against concurrent access",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52774"
    },
    {
      "cve": "CVE-2023-52784",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbonding: stop the device in bond_setup_by_slave()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52784"
    },
    {
      "cve": "CVE-2023-52789",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntty: vcc: Add check for kstrdup() in vcc_probe()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52789"
    },
    {
      "cve": "CVE-2023-52791",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni2c: core: Run atomic i2c xfer when !preemptible",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52791"
    },
    {
      "cve": "CVE-2023-52796",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipvlan: add ipvlan_route_v6_outbound() helper",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52796"
    },
    {
      "cve": "CVE-2023-52799",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in dbFindLeaf",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52799"
    },
    {
      "cve": "CVE-2023-52804",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/jfs: Add validity check for db_maxag and db_agpref",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52804"
    },
    {
      "cve": "CVE-2023-52805",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in diAlloc",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52805"
    },
    {
      "cve": "CVE-2023-52806",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nALSA: hda: Fix possible null-ptr-deref when assigning a stream",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52806"
    },
    {
      "cve": "CVE-2023-52809",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52809"
    },
    {
      "cve": "CVE-2023-52810",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/jfs: Add check for negative db_l2nbperpage",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52810"
    },
    {
      "cve": "CVE-2023-52813",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: pcrypt - Fix hungtask for PADATA_RESET",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52813"
    },
    {
      "cve": "CVE-2023-52817",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52817"
    },
    {
      "cve": "CVE-2023-52818",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52818"
    },
    {
      "cve": "CVE-2023-52819",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52819"
    },
    {
      "cve": "CVE-2023-52832",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52832"
    },
    {
      "cve": "CVE-2023-52835",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nperf/core: Bail out early if the request AUX area is out of bound",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52835"
    },
    {
      "cve": "CVE-2023-52836",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nlocking/ww_mutex/test: Fix potential workqueue corruption",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52836"
    },
    {
      "cve": "CVE-2023-52838",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: imsttfb: fix a resource leak in probe",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52838"
    },
    {
      "cve": "CVE-2023-52840",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52840"
    },
    {
      "cve": "CVE-2023-52843",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: verify mac len before reading mac header",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52843"
    },
    {
      "cve": "CVE-2023-52845",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52845"
    },
    {
      "cve": "CVE-2023-52847",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52847"
    },
    {
      "cve": "CVE-2023-52853",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhid: cp2112: Fix duplicate workqueue initialization",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52853"
    },
    {
      "cve": "CVE-2023-52855",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52855"
    },
    {
      "cve": "CVE-2023-52858",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52858"
    },
    {
      "cve": "CVE-2023-52864",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nplatform/x86: wmi: Fix opening of char device",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52864"
    },
    {
      "cve": "CVE-2023-52865",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52865"
    },
    {
      "cve": "CVE-2023-52867",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/radeon: possible buffer overflow",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52867"
    },
    {
      "cve": "CVE-2023-52868",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nthermal: core: prevent potential string overflow",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52868"
    },
    {
      "cve": "CVE-2023-52871",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsoc: qcom: llcc: Handle a second device without data corruption",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52871"
    },
    {
      "cve": "CVE-2023-52873",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52873"
    },
    {
      "cve": "CVE-2023-52875",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52875"
    },
    {
      "cve": "CVE-2023-52876",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52876"
    },
    {
      "cve": "CVE-2023-52879",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing: Have trace_event_file have ref counters",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52879"
    },
    {
      "cve": "CVE-2023-52881",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: do not accept ACK of bytes we never sent",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52881"
    },
    {
      "cve": "CVE-2023-52919",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: fix possible NULL pointer dereference in send_acknowledge()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2023-52919"
    },
    {
      "cve": "CVE-2024-0193",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-0193"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-0646",
      "cwe": {
        "id": "CWE-1314",
        "name": "Missing Write Protection for Parametric Data Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-0646"
    },
    {
      "cve": "CVE-2024-0841",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-0841"
    },
    {
      "cve": "CVE-2024-1086",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-1086"
    },
    {
      "cve": "CVE-2024-26581",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_set_rbtree: skip end interval element from gc",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26581"
    },
    {
      "cve": "CVE-2024-26593",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni2c: i801: Fix block process call transactions",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26593"
    },
    {
      "cve": "CVE-2024-26598",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nKVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26598"
    },
    {
      "cve": "CVE-2024-26600",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nphy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26600"
    },
    {
      "cve": "CVE-2024-26602",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsched/membarrier: reduce the ability to hammer on sys_membarrier",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26602"
    },
    {
      "cve": "CVE-2024-26606",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbinder: signal epoll threads of self-work",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26606"
    },
    {
      "cve": "CVE-2024-26615",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/smc: fix illegal rmb_desc access in SMC-D connection dump",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26615"
    },
    {
      "cve": "CVE-2024-26625",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: call sock_orphan() at release time",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26625"
    },
    {
      "cve": "CVE-2024-26635",
      "cwe": {
        "id": "CWE-456",
        "name": "Missing Initialization of a Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: Drop support for ETH_P_TR_802_2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26635"
    },
    {
      "cve": "CVE-2024-26636",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: make llc_ui_sendmsg() more robust against bonding changes",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26636"
    },
    {
      "cve": "CVE-2024-26645",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26645"
    },
    {
      "cve": "CVE-2024-26663",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntipc: Check the bearer type before calling tipc_udp_nl_bearer_add()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26663"
    },
    {
      "cve": "CVE-2024-26664",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhwmon: (coretemp) Fix out-of-bounds memory access",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26664"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26671"
    },
    {
      "cve": "CVE-2024-26673",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26673"
    },
    {
      "cve": "CVE-2024-26675",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nppp_async: limit MRU to 64K",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26675"
    },
    {
      "cve": "CVE-2024-26679",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26679"
    },
    {
      "cve": "CVE-2024-26684",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: stmmac: xgmac: fix handling of DPP safety error for DMA channels",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26684"
    },
    {
      "cve": "CVE-2024-26685",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix potential bug in end_buffer_async_write",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26685"
    },
    {
      "cve": "CVE-2024-26688",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26688"
    },
    {
      "cve": "CVE-2024-26696",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix hang in nilfs_lookup_dirty_data_buffers()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26696"
    },
    {
      "cve": "CVE-2024-26697",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix data corruption in dsync block recovery for small block sizes",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26697"
    },
    {
      "cve": "CVE-2024-26702",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\niio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26702"
    },
    {
      "cve": "CVE-2024-26704",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: fix double-free of blocks due to wrong extents moved_len",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26704"
    },
    {
      "cve": "CVE-2024-26720",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26720"
    },
    {
      "cve": "CVE-2024-26722",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26722"
    },
    {
      "cve": "CVE-2024-26735",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: sr: fix possible use-after-free and null-ptr-deref",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26735"
    },
    {
      "cve": "CVE-2024-26736",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nafs: Increase buffer size in afs_update_volume_status()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26736"
    },
    {
      "cve": "CVE-2024-26748",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: cdns3: fix memory double free when handle zero packet",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26748"
    },
    {
      "cve": "CVE-2024-26749",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26749"
    },
    {
      "cve": "CVE-2024-26751",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nARM: ep93xx: Add terminator to gpiod_lookup_table",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26751"
    },
    {
      "cve": "CVE-2024-26752",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nl2tp: pass correct message length to ip6_append_data",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26752"
    },
    {
      "cve": "CVE-2024-26754",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26754"
    },
    {
      "cve": "CVE-2024-26763",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm-crypt: don\u0027t modify the data when using authenticated encryption",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26763"
    },
    {
      "cve": "CVE-2024-26764",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26764"
    },
    {
      "cve": "CVE-2024-26766",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/hfi1: Fix sdma.h tx-\u003enum_descs off-by-one error",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26766"
    },
    {
      "cve": "CVE-2024-26772",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26772"
    },
    {
      "cve": "CVE-2024-26773",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26773"
    },
    {
      "cve": "CVE-2024-26777",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26777"
    },
    {
      "cve": "CVE-2024-26778",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: savage: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26778"
    },
    {
      "cve": "CVE-2024-26779",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: fix race condition on enabling fast-xmit",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26779"
    },
    {
      "cve": "CVE-2024-26788",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: init irq after reg initialization",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26788"
    },
    {
      "cve": "CVE-2024-26790",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26790"
    },
    {
      "cve": "CVE-2024-26791",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbtrfs: dev-replace: properly validate device names",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26791"
    },
    {
      "cve": "CVE-2024-26793",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26793"
    },
    {
      "cve": "CVE-2024-26801",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: Avoid potential use-after-free in hci_error_reset",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26801"
    },
    {
      "cve": "CVE-2024-26804",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: ip_tunnel: prevent perpetual headroom growth",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26804"
    },
    {
      "cve": "CVE-2024-26805",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26805"
    },
    {
      "cve": "CVE-2024-26825",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: free rx_data_reassembly skb on NCI device cleanup",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26825"
    },
    {
      "cve": "CVE-2024-26835",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26835"
    },
    {
      "cve": "CVE-2024-26839",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/hfi1: Fix a memleak in init_credit_return",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26839"
    },
    {
      "cve": "CVE-2024-26840",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncachefiles: fix memory leak in cachefiles_add_cache()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26840"
    },
    {
      "cve": "CVE-2024-26845",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: target: core: Add TMF to tmr_list handling",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26845"
    },
    {
      "cve": "CVE-2024-26910",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: ipset: fix performance regression in swap operation",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-26910"
    },
    {
      "cve": "CVE-2024-27405",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27405"
    },
    {
      "cve": "CVE-2024-27410",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: nl80211: reject iftype change with mesh ID change",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27410"
    },
    {
      "cve": "CVE-2024-27412",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npower: supply: bq27xxx-i2c: Do not free non existing IRQ",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27412"
    },
    {
      "cve": "CVE-2024-27413",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nefi/capsule-loader: fix incorrect allocation size",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27413"
    },
    {
      "cve": "CVE-2024-27414",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nrtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27414"
    },
    {
      "cve": "CVE-2024-27416",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27416"
    },
    {
      "cve": "CVE-2024-27417",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: fix potential \"struct net\" leak in inet6_rtm_getaddr()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-27417"
    },
    {
      "cve": "CVE-2024-35833",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-35833"
    },
    {
      "cve": "CVE-2024-35835",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/mlx5e: fix a double-free in arfs_create_groups",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-35835"
    },
    {
      "cve": "CVE-2024-39476",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V3.1 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2024-39476"
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version  \u003e= V3.1.0 and \u003c V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nThese GNU/Linux vulnerabilities have been externally identified. \nSiemens has released new versions for the affected products and recommends to update to the latest versions.\n\nNote: This SSA advises vulnerabilities for firmware version V3.1 only; for versions \u003c V3.1 refer to Siemens Security Bulletin SSB-439005 (\nhttps://cert-portal.siemens.com/productcert/html/ssb-439005.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-398330 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json"
      },
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-348-10 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-348-10.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-348-10 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SIMATIC S7-1500",
    "tracking": {
      "current_release_date": "2025-08-12T00:00:00.000000Z",
      "generator": {
        "date": "2025-08-14T23:08:55.270985Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-23-348-10",
      "initial_release_date": "2023-12-12T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2023-12-12T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-01-09T00:00:00.000000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2021-44879, CVE-2023-46218, CVE-2023-46219, and CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00.000000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-45898, CVE-2023-46862, CVE-2023-6121, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0584"
        },
        {
          "date": "2024-03-12T00:00:00.000000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-52425, CVE-2023-52426, CVE-2023-45918"
        },
        {
          "date": "2024-04-09T00:00:00.000000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2024-28757"
        },
        {
          "date": "2024-05-14T00:00:00.000000Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-2511, CVE-2024-28085, CVE-2024-28182, CVE-2024-28834, CVE-2024-28835"
        },
        {
          "date": "2024-06-11T00:00:00.000000Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34459"
        },
        {
          "date": "2024-07-09T00:00:00.000000Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2024-5535, CVE-2024-5742"
        },
        {
          "date": "2024-08-13T00:00:00.000000Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added CVE-2017-15422, CVE-2024-7264, CVE-2024-37370, CVE-2024-37371"
        },
        {
          "date": "2024-10-08T00:00:00.000000Z",
          "legacy_version": "1.9",
          "number": "10",
          "summary": "Added CVE-2024-6409, CVE-2024-8096, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492"
        },
        {
          "date": "2024-11-12T00:00:00.000000Z",
          "legacy_version": "2.0",
          "number": "11",
          "summary": "Added CVE-2024-2236, CVE-2024-9143"
        },
        {
          "date": "2024-12-10T00:00:00.000000Z",
          "legacy_version": "2.1",
          "number": "12",
          "summary": "Added CVE-2024-50602, CVE-2024-52533"
        },
        {
          "date": "2025-01-14T00:00:00.000000Z",
          "legacy_version": "2.2",
          "number": "13",
          "summary": "Added CVE-2024-11053"
        },
        {
          "date": "2025-02-11T00:00:00.000000Z",
          "legacy_version": "2.3",
          "number": "14",
          "summary": "Added multiple CVEs"
        },
        {
          "date": "2025-03-11T00:00:00.000000Z",
          "legacy_version": "2.4",
          "number": "15",
          "summary": "Added CVE-2023-52622, CVE-2024-12133, -12243, -26645, -26671, -26679, -26772, -26773, -26777, -26805, -26923, -27020, -27032, -36017, -36484, -36904, -36905, -36934, -39487, -41046, -42106, -42131, -42154, -43871, -44944, -44965, -46743, -46745, -46750, -47684, -47701, -47737, -49881, -49884, -49948, -49949, -49952, -49997, -50006, -50040, -50045, -50251, -50262, -50299, -50301, -53057, -53140, -53165, -53217, CVE-2025-0167, -0395, -0665, -0725, -26465, -26466"
        },
        {
          "date": "2025-04-08T00:00:00.000000Z",
          "legacy_version": "2.5",
          "number": "16",
          "summary": "Added CVE-2025-21694, CVE-2025-1390, CVE-2024-8176, CVE-2024-57901, CVE-2024-57884, CVE-2024-56780, CVE-2024-56779, CVE-2024-56770, CVE-2024-56650, CVE-2024-56644, CVE-2024-56606, CVE-2024-56601, CVE-2024-56600, CVE-2024-56570, CVE-2024-56569, CVE-2024-53164, CVE-2024-53124, CVE-2024-52332, CVE-2024-48881, CVE-2024-47707, CVE-2024-12243"
        },
        {
          "date": "2025-06-10T00:00:00.000000Z",
          "legacy_version": "2.6",
          "number": "17",
          "summary": "Added fix for SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP incl. SIPLUS variants"
        },
        {
          "date": "2025-08-12T00:00:00.000000Z",
          "legacy_version": "2.7",
          "number": "18",
          "summary": "Removed CVE-2021-41617, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-4527, CVE-2023-46218, CVE-2023-46219, CVE-2023-4806, CVE-2023-48795, CVE-2023-4911, CVE-2024-12133, CVE-2024-12243, CVE-2024-28085, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2025-26465, CVE-2025-46836 as they are not fixed in V3.1.5 and advised in SSA-082556"
        }
      ],
      "status": "final",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)",
                  "product_id": "CSAFPID-0002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)",
                  "product_id": "CSAFPID-0003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)",
                  "product_id": "CSAFPID-0004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)",
                  "product_id": "CSAFPID-0005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6AG1518-4AX00-4AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-0340",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.  NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2013-0340"
    },
    {
      "cve": "CVE-2013-4235",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2013-4235"
    },
    {
      "cve": "CVE-2014-7209",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2014-7209"
    },
    {
      "cve": "CVE-2015-20107",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2015-20107"
    },
    {
      "cve": "CVE-2016-3189",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-3189"
    },
    {
      "cve": "CVE-2016-3709",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Possible cross-site scripting vulnerability in libxml after commit 960f0e2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-3709"
    },
    {
      "cve": "CVE-2016-4658",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-4658"
    },
    {
      "cve": "CVE-2016-5131",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-5131"
    },
    {
      "cve": "CVE-2016-9318",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-9318"
    },
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2016-10739",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-10739"
    },
    {
      "cve": "CVE-2017-0663",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-0663"
    },
    {
      "cve": "CVE-2017-7375",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-7375"
    },
    {
      "cve": "CVE-2017-7376",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-7376"
    },
    {
      "cve": "CVE-2017-9047",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. The variable len is assigned strlen(buf). If the content-\u003etype is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content-\u003eprefix is appended to buf (if it actually fits) whereupon (ii) content-\u003ename is written to the buffer. However, the check for whether the content-\u003ename actually fits also uses \u0027len\u0027 rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9047"
    },
    {
      "cve": "CVE-2017-9048",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9048"
    },
    {
      "cve": "CVE-2017-9049",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9049"
    },
    {
      "cve": "CVE-2017-9050",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9050"
    },
    {
      "cve": "CVE-2017-15422",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-15422"
    },
    {
      "cve": "CVE-2017-16931",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a \u0027%\u0027 character in a DTD name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-16931"
    },
    {
      "cve": "CVE-2017-16932",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-16932"
    },
    {
      "cve": "CVE-2017-17512",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-17512"
    },
    {
      "cve": "CVE-2017-18258",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-18258"
    },
    {
      "cve": "CVE-2018-0495",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-0495"
    },
    {
      "cve": "CVE-2018-12886",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-12886"
    },
    {
      "cve": "CVE-2018-14404",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-14567",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-14567"
    },
    {
      "cve": "CVE-2018-18928",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-18928"
    },
    {
      "cve": "CVE-2018-19591",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-19591"
    },
    {
      "cve": "CVE-2018-20482",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user\u0027s process (e.g., a system backup running as root).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-20482"
    },
    {
      "cve": "CVE-2018-20843",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-20843"
    },
    {
      "cve": "CVE-2018-25032",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2019-3855",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3855"
    },
    {
      "cve": "CVE-2019-3856",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3856"
    },
    {
      "cve": "CVE-2019-3857",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3857"
    },
    {
      "cve": "CVE-2019-3858",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3858"
    },
    {
      "cve": "CVE-2019-3859",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3859"
    },
    {
      "cve": "CVE-2019-3860",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3860"
    },
    {
      "cve": "CVE-2019-3861",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3861"
    },
    {
      "cve": "CVE-2019-3862",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3862"
    },
    {
      "cve": "CVE-2019-3863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3863"
    },
    {
      "cve": "CVE-2019-5018",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5018"
    },
    {
      "cve": "CVE-2019-5094",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5094"
    },
    {
      "cve": "CVE-2019-5188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5188"
    },
    {
      "cve": "CVE-2019-5435",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5435"
    },
    {
      "cve": "CVE-2019-5436",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5436"
    },
    {
      "cve": "CVE-2019-5443",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl \u003c= 7.65.1 automatically run the code (as an openssl \"engine\") on invocation. If that curl is invoked by a privileged user it can do anything it wants.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5443"
    },
    {
      "cve": "CVE-2019-5481",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5481"
    },
    {
      "cve": "CVE-2019-5482",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5482"
    },
    {
      "cve": "CVE-2019-6109",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6109"
    },
    {
      "cve": "CVE-2019-6110",
      "cwe": {
        "id": "CWE-838",
        "name": "Inappropriate Encoding for Output Context"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6110"
    },
    {
      "cve": "CVE-2019-6111",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6111"
    },
    {
      "cve": "CVE-2019-6488",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6488"
    },
    {
      "cve": "CVE-2019-7309",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-7309"
    },
    {
      "cve": "CVE-2019-8457",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-8457"
    },
    {
      "cve": "CVE-2019-9169",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9169"
    },
    {
      "cve": "CVE-2019-9636",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9636"
    },
    {
      "cve": "CVE-2019-9674",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9674"
    },
    {
      "cve": "CVE-2019-9740",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9740"
    },
    {
      "cve": "CVE-2019-9923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9923"
    },
    {
      "cve": "CVE-2019-9936",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9936"
    },
    {
      "cve": "CVE-2019-9937",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9937"
    },
    {
      "cve": "CVE-2019-9947",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9947"
    },
    {
      "cve": "CVE-2019-9948",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(\u0027local_file:///etc/passwd\u0027) call.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9948"
    },
    {
      "cve": "CVE-2019-10160",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-10160"
    },
    {
      "cve": "CVE-2019-11360",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-11360"
    },
    {
      "cve": "CVE-2019-12290",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-12290"
    },
    {
      "cve": "CVE-2019-12900",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-12900"
    },
    {
      "cve": "CVE-2019-12904",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor\u0027s position is that the issue report cannot be validated because there is no description of an attack",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-12904"
    },
    {
      "cve": "CVE-2019-13057",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-13057"
    },
    {
      "cve": "CVE-2019-13565",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-13565"
    },
    {
      "cve": "CVE-2019-13627",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-13627"
    },
    {
      "cve": "CVE-2019-15847",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-15847"
    },
    {
      "cve": "CVE-2019-15903",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2019-16056",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-16056"
    },
    {
      "cve": "CVE-2019-16168",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-16168"
    },
    {
      "cve": "CVE-2019-16905",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-16905"
    },
    {
      "cve": "CVE-2019-17498",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17498"
    },
    {
      "cve": "CVE-2019-17543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17543"
    },
    {
      "cve": "CVE-2019-17594",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17594"
    },
    {
      "cve": "CVE-2019-17595",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17595"
    },
    {
      "cve": "CVE-2019-18224",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-18224"
    },
    {
      "cve": "CVE-2019-18276",
      "cwe": {
        "id": "CWE-273",
        "name": "Improper Check for Dropped Privileges"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-18276"
    },
    {
      "cve": "CVE-2019-18348",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-18348"
    },
    {
      "cve": "CVE-2019-19126",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19126"
    },
    {
      "cve": "CVE-2019-19242",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19242"
    },
    {
      "cve": "CVE-2019-19244",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19244"
    },
    {
      "cve": "CVE-2019-19317",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19317"
    },
    {
      "cve": "CVE-2019-19603",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19603"
    },
    {
      "cve": "CVE-2019-19645",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19645"
    },
    {
      "cve": "CVE-2019-19646",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19646"
    },
    {
      "cve": "CVE-2019-19880",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19880"
    },
    {
      "cve": "CVE-2019-19906",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19906"
    },
    {
      "cve": "CVE-2019-19923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19923"
    },
    {
      "cve": "CVE-2019-19924",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19924"
    },
    {
      "cve": "CVE-2019-19925",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19925"
    },
    {
      "cve": "CVE-2019-19926",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19926"
    },
    {
      "cve": "CVE-2019-19956",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19956"
    },
    {
      "cve": "CVE-2019-19959",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19959"
    },
    {
      "cve": "CVE-2019-20218",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20218"
    },
    {
      "cve": "CVE-2019-20367",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20367"
    },
    {
      "cve": "CVE-2019-20388",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20388"
    },
    {
      "cve": "CVE-2019-20795",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20795"
    },
    {
      "cve": "CVE-2019-20907",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20907"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2019-1010022",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010022"
    },
    {
      "cve": "CVE-2019-1010023",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010023"
    },
    {
      "cve": "CVE-2019-1010024",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010024"
    },
    {
      "cve": "CVE-2019-1010025",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010025"
    },
    {
      "cve": "CVE-2019-1010180",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010180"
    },
    {
      "cve": "CVE-2020-1712",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-1712"
    },
    {
      "cve": "CVE-2020-1751",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-1751"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-6096",
      "cwe": {
        "id": "CWE-195",
        "name": "Signed to Unsigned Conversion Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \u0027num\u0027 parameter results in a signed comparison vulnerability. If an attacker underflows the \u0027num\u0027 parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-6096"
    },
    {
      "cve": "CVE-2020-7595",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-7595"
    },
    {
      "cve": "CVE-2020-8169",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.62.0 to and including  7.70.0 are vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8169"
    },
    {
      "cve": "CVE-2020-8177",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8177"
    },
    {
      "cve": "CVE-2020-8231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8231"
    },
    {
      "cve": "CVE-2020-8284",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8284"
    },
    {
      "cve": "CVE-2020-8285",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8285"
    },
    {
      "cve": "CVE-2020-8286",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.41.0 to and including  7.73.0 are vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. This vulnerability could allow an attacker to pass a revoked certificate as valid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8286"
    },
    {
      "cve": "CVE-2020-8315",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker\u0027s copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system\u0027s copy. Windows 8 and later are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8315"
    },
    {
      "cve": "CVE-2020-8492",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8492"
    },
    {
      "cve": "CVE-2020-9327",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-9327"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-10531",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10531"
    },
    {
      "cve": "CVE-2020-10543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10543"
    },
    {
      "cve": "CVE-2020-10735",
      "cwe": {
        "id": "CWE-704",
        "name": "Incorrect Type Conversion or Cast"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10735"
    },
    {
      "cve": "CVE-2020-10878",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10878"
    },
    {
      "cve": "CVE-2020-11501",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 \u0027\\0\u0027 bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-11501"
    },
    {
      "cve": "CVE-2020-11655",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object\u0027s initialization is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-11655"
    },
    {
      "cve": "CVE-2020-11656",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-11656"
    },
    {
      "cve": "CVE-2020-12062",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\u0027s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that \"this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol\" and \"utimes does not fail under normal circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12062"
    },
    {
      "cve": "CVE-2020-12243",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running (for details refer to the updated security manual of WinCC OA).",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12243"
    },
    {
      "cve": "CVE-2020-12723",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12723"
    },
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2020-13434",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13434"
    },
    {
      "cve": "CVE-2020-13435",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13435"
    },
    {
      "cve": "CVE-2020-13529",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13529"
    },
    {
      "cve": "CVE-2020-13630",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13630"
    },
    {
      "cve": "CVE-2020-13631",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13631"
    },
    {
      "cve": "CVE-2020-13632",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13632"
    },
    {
      "cve": "CVE-2020-13776",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13776"
    },
    {
      "cve": "CVE-2020-13777",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13777"
    },
    {
      "cve": "CVE-2020-13871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13871"
    },
    {
      "cve": "CVE-2020-14145",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-14145"
    },
    {
      "cve": "CVE-2020-14422",
      "cwe": {
        "id": "CWE-682",
        "name": "Incorrect Calculation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-14422"
    },
    {
      "cve": "CVE-2020-15358",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15358"
    },
    {
      "cve": "CVE-2020-15523",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15523"
    },
    {
      "cve": "CVE-2020-15778",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of \"anomalous argument transfers\" because that could \"stand a great chance of breaking existing workflows.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15778"
    },
    {
      "cve": "CVE-2020-15801",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The \u003cexecutable-name\u003e._pth file (e.g., the python._pth file) is not affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15801"
    },
    {
      "cve": "CVE-2020-19185",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19185"
    },
    {
      "cve": "CVE-2020-19186",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19186"
    },
    {
      "cve": "CVE-2020-19187",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19187"
    },
    {
      "cve": "CVE-2020-19188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19188"
    },
    {
      "cve": "CVE-2020-19189",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19189"
    },
    {
      "cve": "CVE-2020-19190",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19190"
    },
    {
      "cve": "CVE-2020-19909",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19909"
    },
    {
      "cve": "CVE-2020-21047",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-21047"
    },
    {
      "cve": "CVE-2020-21913",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-21913"
    },
    {
      "cve": "CVE-2020-22218",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-22218"
    },
    {
      "cve": "CVE-2020-24659",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application\u0027s error handling path, where the gnutls_deinit function is called after detecting a handshake failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-24659"
    },
    {
      "cve": "CVE-2020-24977",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-24977"
    },
    {
      "cve": "CVE-2020-25692",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-25692"
    },
    {
      "cve": "CVE-2020-25709",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP\u2019s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-25709"
    },
    {
      "cve": "CVE-2020-25710",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-25710"
    },
    {
      "cve": "CVE-2020-26116",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-26116"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-28196",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-28196"
    },
    {
      "cve": "CVE-2020-29361",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29361"
    },
    {
      "cve": "CVE-2020-29362",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29362"
    },
    {
      "cve": "CVE-2020-29363",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29363"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2020-29573",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29573"
    },
    {
      "cve": "CVE-2020-35525",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-35525"
    },
    {
      "cve": "CVE-2020-35527",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-35527"
    },
    {
      "cve": "CVE-2020-36221",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36221"
    },
    {
      "cve": "CVE-2020-36222",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36222"
    },
    {
      "cve": "CVE-2020-36223",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36223"
    },
    {
      "cve": "CVE-2020-36224",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36224"
    },
    {
      "cve": "CVE-2020-36225",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36225"
    },
    {
      "cve": "CVE-2020-36226",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36226"
    },
    {
      "cve": "CVE-2020-36227",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36227"
    },
    {
      "cve": "CVE-2020-36228",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36228"
    },
    {
      "cve": "CVE-2020-36229",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36229"
    },
    {
      "cve": "CVE-2020-36230",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36230"
    },
    {
      "cve": "CVE-2021-3177",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3177"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3426",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in Python 3\u0027s pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3426"
    },
    {
      "cve": "CVE-2021-3516",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2\u0027s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3516"
    },
    {
      "cve": "CVE-2021-3517",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3517"
    },
    {
      "cve": "CVE-2021-3518",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3518"
    },
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3520"
    },
    {
      "cve": "CVE-2021-3537",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3537"
    },
    {
      "cve": "CVE-2021-3541",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3541"
    },
    {
      "cve": "CVE-2021-3580",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the way nettle\u0027s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3580"
    },
    {
      "cve": "CVE-2021-3733",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in urllib\u0027s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3733"
    },
    {
      "cve": "CVE-2021-3737",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3737"
    },
    {
      "cve": "CVE-2021-3826",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3826"
    },
    {
      "cve": "CVE-2021-3997",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3997"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-4122",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-4122"
    },
    {
      "cve": "CVE-2021-4189",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-4189"
    },
    {
      "cve": "CVE-2021-4209",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle\u0027s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-4209"
    },
    {
      "cve": "CVE-2021-20193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20193"
    },
    {
      "cve": "CVE-2021-20227",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in SQLite\u0027s SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20227"
    },
    {
      "cve": "CVE-2021-20231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20231"
    },
    {
      "cve": "CVE-2021-20232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20232"
    },
    {
      "cve": "CVE-2021-20305",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20305"
    },
    {
      "cve": "CVE-2021-22876",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22876"
    },
    {
      "cve": "CVE-2021-22890",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22890"
    },
    {
      "cve": "CVE-2021-22897",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22897"
    },
    {
      "cve": "CVE-2021-22898",
      "cwe": {
        "id": "CWE-909",
        "name": "Missing Initialization of Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "**NOTE: CVE-2021-22898 is an incomplete fix (see https://hackerone.com/reports/1223882)! Check if affected products also have fixed CVE-22925 instead! Do not use CVE-2021-22898 in public advisories!**\r\n\r\ncurl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22898"
    },
    {
      "cve": "CVE-2021-22901",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22901"
    },
    {
      "cve": "CVE-2021-22922",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22922"
    },
    {
      "cve": "CVE-2021-22923",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user\u0027s expectations and intentions and without telling the user it happened.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22923"
    },
    {
      "cve": "CVE-2021-22924",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can set to qualify how to verify the server certificate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22924"
    },
    {
      "cve": "CVE-2021-22925",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server. Therefore potentially revealing sensitive internal information to the server using a clear-text network protocol. This could happen because curl did not call and use sscanf() correctly when parsing the string provided by the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22925"
    },
    {
      "cve": "CVE-2021-22926",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22926"
    },
    {
      "cve": "CVE-2021-22945",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending data to an MQTT server, libcurl \u003c= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22945"
    },
    {
      "cve": "CVE-2021-22946",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22946"
    },
    {
      "cve": "CVE-2021-22947",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003e= 7.20.0 and \u003c= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker\u0027s injected data comes from the TLS-protected server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22947"
    },
    {
      "cve": "CVE-2021-23336",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-23336"
    },
    {
      "cve": "CVE-2021-27212",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27212"
    },
    {
      "cve": "CVE-2021-27218",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27218"
    },
    {
      "cve": "CVE-2021-27219",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27219"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28041",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28041"
    },
    {
      "cve": "CVE-2021-28153",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28153"
    },
    {
      "cve": "CVE-2021-28363",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn\u0027t given via proxy_config) doesn\u0027t verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28363"
    },
    {
      "cve": "CVE-2021-28861",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states \"Warning: http.server is not recommended for production. It only implements basic security checks.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28861"
    },
    {
      "cve": "CVE-2021-31239",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue found in SQLite SQLite3 v.3.35.4 that could allow a remote attacker to cause a denial of service via the appendvfs.c function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-31239"
    },
    {
      "cve": "CVE-2021-32292",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-32292"
    },
    {
      "cve": "CVE-2021-33294",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33294"
    },
    {
      "cve": "CVE-2021-33560",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33560"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-33910",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The use of alloca function with an uncontrolled size in function unit_name_path_escape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33910"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-36084",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36084"
    },
    {
      "cve": "CVE-2021-36085",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36085"
    },
    {
      "cve": "CVE-2021-36086",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36086"
    },
    {
      "cve": "CVE-2021-36087",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36087"
    },
    {
      "cve": "CVE-2021-36222",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36222"
    },
    {
      "cve": "CVE-2021-36690",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36690"
    },
    {
      "cve": "CVE-2021-37600",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-37600"
    },
    {
      "cve": "CVE-2021-37750",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-37750"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-43396",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-43396"
    },
    {
      "cve": "CVE-2021-43618",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-43618"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45960",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-45960"
    },
    {
      "cve": "CVE-2021-46143",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46143"
    },
    {
      "cve": "CVE-2021-46195",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46195"
    },
    {
      "cve": "CVE-2021-46828",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46828"
    },
    {
      "cve": "CVE-2021-46848",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46848"
    },
    {
      "cve": "CVE-2022-0391",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like \u0027\\r\u0027 and \u0027\\n\u0027 in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-0391"
    },
    {
      "cve": "CVE-2022-0563",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-0563"
    },
    {
      "cve": "CVE-2022-0778",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The BN_mod_sqrt() function in openSSL, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-1271",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An arbitrary file write vulnerability was found in GNU gzip\u0027s zgrep utility. When zgrep is applied on the attacker\u0027s chosen file name (for example, a crafted file name), this can overwrite an attacker\u0027s content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1304",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1304"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2509",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2509"
    },
    {
      "cve": "CVE-2022-3715",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-3715"
    },
    {
      "cve": "CVE-2022-3821",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-3821"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable the use of RSA ciphers in the web server configuration; note that RSA ciphers are disabled by default",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not import or configure certificate files in PEM format from untrusted sources",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-22576",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-22822",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22822"
    },
    {
      "cve": "CVE-2022-22823",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22823"
    },
    {
      "cve": "CVE-2022-22824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22824"
    },
    {
      "cve": "CVE-2022-22825",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22825"
    },
    {
      "cve": "CVE-2022-22826",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22826"
    },
    {
      "cve": "CVE-2022-22827",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22827"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-23308",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23308"
    },
    {
      "cve": "CVE-2022-23852",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23852"
    },
    {
      "cve": "CVE-2022-23990",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23990"
    },
    {
      "cve": "CVE-2022-24407",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-24407"
    },
    {
      "cve": "CVE-2022-25235",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25235"
    },
    {
      "cve": "CVE-2022-25236",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2022-25313",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25313"
    },
    {
      "cve": "CVE-2022-25314",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25314"
    },
    {
      "cve": "CVE-2022-25315",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25315"
    },
    {
      "cve": "CVE-2022-26488",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-26488"
    },
    {
      "cve": "CVE-2022-27774",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27775",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27775"
    },
    {
      "cve": "CVE-2022-27776",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27778",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27778"
    },
    {
      "cve": "CVE-2022-27779",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27779"
    },
    {
      "cve": "CVE-2022-27780",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27780"
    },
    {
      "cve": "CVE-2022-27781",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-27943",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27943"
    },
    {
      "cve": "CVE-2022-28321",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn\u0027t correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-28321"
    },
    {
      "cve": "CVE-2022-29155",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-29155"
    },
    {
      "cve": "CVE-2022-29824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-29824"
    },
    {
      "cve": "CVE-2022-30115",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-30115"
    },
    {
      "cve": "CVE-2022-32205",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32205"
    },
    {
      "cve": "CVE-2022-32206",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32207",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32207"
    },
    {
      "cve": "CVE-2022-32208",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-35252",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-35260",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-35260"
    },
    {
      "cve": "CVE-2022-35737",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-35737"
    },
    {
      "cve": "CVE-2022-37434",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-40303",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-40303"
    },
    {
      "cve": "CVE-2022-40304",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-40304"
    },
    {
      "cve": "CVE-2022-40674",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-40674"
    },
    {
      "cve": "CVE-2022-42898",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-42898"
    },
    {
      "cve": "CVE-2022-42915",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-42915"
    },
    {
      "cve": "CVE-2022-42916",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-42916"
    },
    {
      "cve": "CVE-2022-43551",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in curl \u003c7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop U+002E (.). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-43551"
    },
    {
      "cve": "CVE-2022-43552",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-43680",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-43680"
    },
    {
      "cve": "CVE-2022-45061",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-45061"
    },
    {
      "cve": "CVE-2022-45873",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-45873"
    },
    {
      "cve": "CVE-2022-46908",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-46908"
    },
    {
      "cve": "CVE-2022-48303",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-48303"
    },
    {
      "cve": "CVE-2022-48522",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-48522"
    },
    {
      "cve": "CVE-2022-48560",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free exists in Python through 3.9 via heappushpop in heapq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-48560"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable CRL (certification revocation list) checking, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0361",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0361"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\r\nimplicitly enable the certificate policy check when doing certificate\r\nverification. However the implementation of the function does not\r\nenable the check which allows certificates with invalid or incorrect\r\npolicies to pass the certificate verification.\r\n\r\nAs suddenly enabling the policy check could break existing deployments it was\r\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\r\nfunction.\r\n\r\nInstead the applications that require OpenSSL to perform certificate\r\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\r\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\r\nthe X509_V_FLAG_POLICY_CHECK flag argument.\r\n\r\nCertificate policy checks are disabled by default in OpenSSL and are not\r\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0687",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It\u0027s basically trusted input or input that needs an actual security flaw to be compromised or controlled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0687"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2650",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-2650"
    },
    {
      "cve": "CVE-2023-2953",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3212",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3212"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3817",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3817"
    },
    {
      "cve": "CVE-2023-4016",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under some circumstances, this weakness allows a user who has access to run the \u201cps\u201d utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4016"
    },
    {
      "cve": "CVE-2023-4039",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4039"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4807",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4807"
    },
    {
      "cve": "CVE-2023-4813",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4813"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-5981",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5981"
    },
    {
      "cve": "CVE-2023-6121",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6817",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6817"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-23914",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-23914"
    },
    {
      "cve": "CVE-2023-23915",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-23915"
    },
    {
      "cve": "CVE-2023-23916",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-23916"
    },
    {
      "cve": "CVE-2023-24329",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-24329"
    },
    {
      "cve": "CVE-2023-25136",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states \"remote code execution is theoretically possible.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-25136"
    },
    {
      "cve": "CVE-2023-25139",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-25139"
    },
    {
      "cve": "CVE-2023-26604",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-26604"
    },
    {
      "cve": "CVE-2023-27371",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more \u0027\\0\u0027 bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27371"
    },
    {
      "cve": "CVE-2023-27533",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27537",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27537"
    },
    {
      "cve": "CVE-2023-27538",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-28484",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-28484"
    },
    {
      "cve": "CVE-2023-29383",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29383"
    },
    {
      "cve": "CVE-2023-29469",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the \u0027\\0\u0027 value).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29469"
    },
    {
      "cve": "CVE-2023-29491",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29491"
    },
    {
      "cve": "CVE-2023-29499",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29499"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-32611",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32611"
    },
    {
      "cve": "CVE-2023-32636",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32636"
    },
    {
      "cve": "CVE-2023-32643",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32643"
    },
    {
      "cve": "CVE-2023-32665",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running. Note that this is the default configuration, which therefore limits the exploitability to local attacks only.",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32665"
    },
    {
      "cve": "CVE-2023-34319",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The fix for XSA-423 added logic to Linux\u0027es netback driver to deal with\na frontend splitting a packet in a way such that not all of the headers\nwould come in one piece.  Unfortunately the logic introduced there\ndidn\u0027t account for the extreme case of the entire packet being split\ninto as many pieces as permitted by the protocol, yet still being\nsmaller than the area that\u0027s specially dealt with to keep all (possible)\nheaders together.  Such an unusual packet would therefore trigger a\nbuffer overrun in the driver.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-34319"
    },
    {
      "cve": "CVE-2023-34969",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-34969"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35945",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u2019s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-35945"
    },
    {
      "cve": "CVE-2023-38408",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-39128",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39128"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-39615",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39615"
    },
    {
      "cve": "CVE-2023-40283",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-40283"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45322",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor\u0027s position is \"I don\u0027t think these issues are critical enough to warrant a CVE ID ... because an attacker typically can\u0027t control when memory allocations fail.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45322"
    },
    {
      "cve": "CVE-2023-45853",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45853"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-45898",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45898"
    },
    {
      "cve": "CVE-2023-45918",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45918"
    },
    {
      "cve": "CVE-2023-46862",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-46862"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2023-52444",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() ... if (old_dir != new_dir \u0026\u0026 !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0); You want correct inumber in the \"..\" link. And cross-directory rename does move the source to new parent, even if you\u0027d been asked to leave a whiteout in the old place. [1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ With below testcase, it may cause dirent corruption, due to it missed to call f2fs_set_link() to update \"..\" link to new directory. - mkdir -p dir/foo - renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) --\u003e Bad inode number[0x4] for \u0027..\u0027, parent parent ino is [0x3] [FSCK] other corrupted bugs [Fail]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52444"
    },
    {
      "cve": "CVE-2023-52464",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function \u0027thunderx_ocx_com_threaded_isr\u0027: drivers/edac/thunderx_edac.c:1136:17: error: \u0027strncat\u0027 specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52464"
    },
    {
      "cve": "CVE-2023-52612",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req-\u003edst buffer overflow The req-\u003edst buffer size should be checked before copying from the scomp_scratch-\u003edst to avoid req-\u003edst buffer overflow problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52612"
    },
    {
      "cve": "CVE-2023-52622",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52622"
    },
    {
      "cve": "CVE-2023-52675",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52675"
    },
    {
      "cve": "CVE-2023-52699",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sysv: don\u0027t call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A \"write_lock(\u0026pointers_lock) =\u003e read_lock(\u0026pointers_lock) deadlock\" bug and a \"sb_bread() with write_lock(\u0026pointers_lock)\" bug were introduced by \"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12. Then, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the former bug by moving pointers_lock lock to the callers, but instead introduced a \"sb_bread() with read_lock(\u0026pointers_lock)\" bug (which made this problem easier to hit). Al Viro suggested that why not to do like get_branch()/get_block()/ find_shared() in Minix filesystem does. And doing like that is almost a revert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch() from with find_shared() is called without write_lock(\u0026pointers_lock).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52699"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-2004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled.      curl --proto -all,-http http://curl.se  The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2004"
    },
    {
      "cve": "CVE-2024-2236",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2236"
    },
    {
      "cve": "CVE-2024-2379",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2379"
    },
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory.  Further, this error condition fails silently and is therefore not easily detected by an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-2466",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS.  libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2466"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-5742",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-5742"
    },
    {
      "cve": "CVE-2024-6409",
      "cwe": {
        "id": "CWE-364",
        "name": "Signal Handler Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition vulnerability was discovered in how signals are handled by OpenSSH\u0027s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd\u0027s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-6409"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-8096",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than \u0027revoked\u0027 (like for example \u0027unauthorized\u0027) it is not treated as a bad certficate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-8096"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-26645",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26645"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26671"
    },
    {
      "cve": "CVE-2024-26679",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26679"
    },
    {
      "cve": "CVE-2024-26772",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26772"
    },
    {
      "cve": "CVE-2024-26773",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26773"
    },
    {
      "cve": "CVE-2024-26777",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26777"
    },
    {
      "cve": "CVE-2024-26805",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26805"
    },
    {
      "cve": "CVE-2024-26835",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26835"
    },
    {
      "cve": "CVE-2024-26863",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26863"
    },
    {
      "cve": "CVE-2024-26878",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26878"
    },
    {
      "cve": "CVE-2024-26880",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26880"
    },
    {
      "cve": "CVE-2024-26898",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26898"
    },
    {
      "cve": "CVE-2024-26901",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26901"
    },
    {
      "cve": "CVE-2024-26923",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26923"
    },
    {
      "cve": "CVE-2024-26957",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26957"
    },
    {
      "cve": "CVE-2024-26973",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26973"
    },
    {
      "cve": "CVE-2024-27020",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27020"
    },
    {
      "cve": "CVE-2024-27032",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 and only FAULT_BLOCK fault type is on, it may encounter deadloop in loop of block reservation. Let\u0027s change as below to fix these issues: - remove bug_on() to avoid panic. - limit the loop count of block reservation to avoid potential deadloop.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27032"
    },
    {
      "cve": "CVE-2024-27065",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27065"
    },
    {
      "cve": "CVE-2024-27074",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27074"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync.  This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28757",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-28834",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-28835",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28835"
    },
    {
      "cve": "CVE-2024-33621",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-33621"
    },
    {
      "cve": "CVE-2024-34459",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-34459"
    },
    {
      "cve": "CVE-2024-35807",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35807"
    },
    {
      "cve": "CVE-2024-35809",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35809"
    },
    {
      "cve": "CVE-2024-35830",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35830"
    },
    {
      "cve": "CVE-2024-35888",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb-\u003ehead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35888"
    },
    {
      "cve": "CVE-2024-35910",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test a patch I wrote two years ago. When TCP sockets are closed, we call inet_csk_clear_xmit_timers() to \u0027stop\u0027 the timers. inet_csk_clear_xmit_timers() can be called from any context, including when socket lock is held. This is the reason it uses sk_stop_timer(), aka del_timer(). This means that ongoing timers might finish much later. For user sockets, this is fine because each running timer holds a reference on the socket, and the user socket holds a reference on the netns. For kernel sockets, we risk that the netns is freed before timer can complete, because kernel sockets do not hold reference on the netns. This patch adds inet_csk_clear_xmit_timers_sync() function that using sk_stop_timer_sync() to make sure all timers are terminated before the kernel socket is released. Modules using kernel sockets close them in their netns exit() handler. Also add sock_not_owned_by_me() helper to get LOCKDEP support : inet_csk_clear_xmit_timers_sync() must not be called while socket lock is held. It is very possible we can revert in the future commit 3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\") which attempted to solve the issue in rds only. (net/smc/af_smc.c and net/mptcp/subflow.c have similar code) We probably can remove the check_net() tests from tcp_out_of_resources() and __tcp_close() in the future.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35910"
    },
    {
      "cve": "CVE-2024-35925",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "block: prevent division by zero in blk_rq_stat_sum()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35925"
    },
    {
      "cve": "CVE-2024-35944",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35944"
    },
    {
      "cve": "CVE-2024-36017",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36017"
    },
    {
      "cve": "CVE-2024-36286",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36286"
    },
    {
      "cve": "CVE-2024-36484",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36484"
    },
    {
      "cve": "CVE-2024-36904",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36904"
    },
    {
      "cve": "CVE-2024-36905",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36905"
    },
    {
      "cve": "CVE-2024-36934",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36934"
    },
    {
      "cve": "CVE-2024-37356",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-37356"
    },
    {
      "cve": "CVE-2024-38596",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38596"
    },
    {
      "cve": "CVE-2024-38598",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38598"
    },
    {
      "cve": "CVE-2024-38612",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38612"
    },
    {
      "cve": "CVE-2024-38621",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The -\u003elength is the length of the buffer. The -\u003ebytesused is how many bytes we have copied thus far. When the condition is reversed that means the result of the subtraction is always negative but since it\u0027s unsigned then the result is a very high positive value. That means the overflow check is never true. Additionally, the -\u003ebytesused doesn\u0027t actually work for this purpose because we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the math to calculate the destination where we are writing is a bit involved. You calculate the number of full lines already written, multiply by two, skip a line if necessary so that we start on an odd numbered line, and add the offset into the line. To fix this buffer overflow, just take the actual destination where we are writing, if the offset is already out of bounds print an error and return. Otherwise, write up to buf-\u003elength bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38621"
    },
    {
      "cve": "CVE-2024-38780",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38780"
    },
    {
      "cve": "CVE-2024-39292",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39292"
    },
    {
      "cve": "CVE-2024-39469",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfs_check_folio() fails, it will falsely determine the directory as empty and corrupt the file system. In addition, since nilfs_empty_dir() does not immediately return on a failed folio/page read, but continues to loop, this can cause a long loop with I/O if i_size of the directory\u0027s inode is also corrupted, causing the log writer thread to wait and hang, as reported by syzbot. Fix these issues by making nilfs_empty_dir() immediately return a false value (0) if it fails to get a directory folio/page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39469"
    },
    {
      "cve": "CVE-2024-39487",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39487"
    },
    {
      "cve": "CVE-2024-39489",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39489"
    },
    {
      "cve": "CVE-2024-40901",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-40901"
    },
    {
      "cve": "CVE-2024-40959",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-40959"
    },
    {
      "cve": "CVE-2024-41046",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-41046"
    },
    {
      "cve": "CVE-2024-42070",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42070"
    },
    {
      "cve": "CVE-2024-42096",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42096"
    },
    {
      "cve": "CVE-2024-42106",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42106"
    },
    {
      "cve": "CVE-2024-42131",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. So when converting dirty limits from ratios to numbers of pages, we just don\u0027t allow the result to exceed UINT_MAX. This is root-only triggerable problem which occurs when the operator sets dirty limits to \u003e16 TB.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42131"
    },
    {
      "cve": "CVE-2024-42154",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don\u0027t see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn\u0027t have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42154"
    },
    {
      "cve": "CVE-2024-43871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-43871"
    },
    {
      "cve": "CVE-2024-44944",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-44944"
    },
    {
      "cve": "CVE-2024-44965",
      "cwe": {
        "id": "CWE-229",
        "name": "Improper Handling of Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack guard. It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386. These assumptions can cause the end condition to malfunction, leading to a \u0027short\u0027 clone. Guess what happens when the user mapping has a short copy of the entry text? Use the correct increment form for addr to avoid alignment assumptions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-44965"
    },
    {
      "cve": "CVE-2024-46743",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-46743"
    },
    {
      "cve": "CVE-2024-46745",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request. Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-46745"
    },
    {
      "cve": "CVE-2024-46750",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-46750"
    },
    {
      "cve": "CVE-2024-47684",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: check skb is non-NULL in tcp_rto_delta_us()\r\n\r\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\r\nkernel that are running ceph and recently hit a null ptr dereference in\r\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\r\nsaw it getting hit from the RACK case as well. Here are examples of the oops\r\nmessages we saw in each of those cases:\r\n\r\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\r\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\r\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\r\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\r\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\r\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\r\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\r\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\r\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\r\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\r\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\r\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\r\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\r\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\r\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\r\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\r\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\r\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\r\nJul 26 15:05:02 rx [11061395.919488]\r\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\r\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\r\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\r\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\r\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\r\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\r\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\r\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\r\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\r\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\r\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\r\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\r\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\r\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\r\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\r\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\r\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\r\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\r\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\r\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\r\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47684"
    },
    {
      "cve": "CVE-2024-47701",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47701"
    },
    {
      "cve": "CVE-2024-47707",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ipv6: A NULL dereference vulnerability may occur in rt6_uncached_list_flush_dev() due to the necessary check being removed by a previous commit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47707"
    },
    {
      "cve": "CVE-2024-47737",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47737"
    },
    {
      "cve": "CVE-2024-48881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-48881"
    },
    {
      "cve": "CVE-2024-49881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49881"
    },
    {
      "cve": "CVE-2024-49884",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49884"
    },
    {
      "cve": "CVE-2024-49948",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49948"
    },
    {
      "cve": "CVE-2024-49949",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49949"
    },
    {
      "cve": "CVE-2024-49952",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49952"
    },
    {
      "cve": "CVE-2024-49982",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put() instead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs into use-after-free. Then Nicolai Stange found more places in aoe have potential use-after-free problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe() and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push packet to tx queue. So they should also use dev_hold() to increase the refcnt of skb-\u003edev. On the other hand, moving dev_put() to tx() causes that the refcnt of skb-\u003edev be reduced to a negative value, because corresponding dev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(), probe(), and aoecmd_cfg_rsp(). This patch fixed this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49982"
    },
    {
      "cve": "CVE-2024-49997",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49997"
    },
    {
      "cve": "CVE-2024-50006",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50006"
    },
    {
      "cve": "CVE-2024-50040",
      "cwe": {
        "id": "CWE-390",
        "name": "Detection of Error Condition Without Action"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50040"
    },
    {
      "cve": "CVE-2024-50045",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50045"
    },
    {
      "cve": "CVE-2024-50251",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50251"
    },
    {
      "cve": "CVE-2024-50262",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50262"
    },
    {
      "cve": "CVE-2024-50299",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50299"
    },
    {
      "cve": "CVE-2024-50301",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50301"
    },
    {
      "cve": "CVE-2024-50602",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-52332",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-52332"
    },
    {
      "cve": "CVE-2024-52533",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\\\0\u0027 character.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-52533"
    },
    {
      "cve": "CVE-2024-53057",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53057"
    },
    {
      "cve": "CVE-2024-53124",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: fix data-races around sk sk_forward_alloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53124"
    },
    {
      "cve": "CVE-2024-53140",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual dump helper, keeps getting called until it returns 0 - done - (optional) pairs with .start, can be used for cleanup The whole process is asynchronous and the repeated calls to .dump don\u0027t actually happen in a tight loop, but rather are triggered in response to recvmsg() on the socket. This gives the user full control over the dump, but also means that the user can close the socket without getting to the end of the dump. To make sure .start is always paired with .done we check if there is an ongoing dump before freeing the socket, and if so call .done. The complication is that sockets can get freed from BH and .done is allowed to sleep. So we use a workqueue to defer the call, when needed. Unfortunately this does not work correctly. What we defer is not the cleanup but rather releasing a reference on the socket. We have no guarantee that we own the last reference, if someone else holds the socket they may release it in BH and we\u0027re back to square one. The whole dance, however, appears to be unnecessary. Only the user can interact with dumps, so we can clean up when socket is closed. And close always happens in process context. Some async code may still access the socket after close, queue notification skbs to it etc. but no dumps can start, end or otherwise make progress. Delete the workqueue and flush the dump state directly from the release handler. Note that further cleanup is possible in -next, for instance we now always call .done before releasing the main module reference, so dump doesn\u0027t have to take a reference of its own.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53140"
    },
    {
      "cve": "CVE-2024-53164",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-\u003eq.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53164"
    },
    {
      "cve": "CVE-2024-53165",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever removing it from intc_list which would lead to a use after free. To fix this, let\u0027s only add it to the list after everything has succeeded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53165"
    },
    {
      "cve": "CVE-2024-53217",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53217"
    },
    {
      "cve": "CVE-2024-56433",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56433"
    },
    {
      "cve": "CVE-2024-56569",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo \"write*:mod:ext3\" \u003e /sys/kernel/tracing/stack_trace_filter The current mod command causes a null pointer dereference. While commit 0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56569"
    },
    {
      "cve": "CVE-2024-56570",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56570"
    },
    {
      "cve": "CVE-2024-56600",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the sock sk pointer on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56600"
    },
    {
      "cve": "CVE-2024-56601",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling pointer, which may create use-after-free later. Clear the sk pointer in the sock object on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56601"
    },
    {
      "cve": "CVE-2024-56606",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and cause use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56606"
    },
    {
      "cve": "CVE-2024-56644",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is executed for an expired IPv6 route located in the exception table.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56644"
    },
    {
      "cve": "CVE-2024-56650",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56650"
    },
    {
      "cve": "CVE-2024-56770",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/sched: netem: The interface fully stops transferring packets and \"locks\". In this case, the child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at its limit and no more packets are accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56770"
    },
    {
      "cve": "CVE-2024-56779",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur\r\n\r\nThe action force umount(umount -f) will attempt to kill all rpc_task even\r\numount operation may ultimately fail if some files remain open.\r\nConsequently, if an action attempts to open a file, it can potentially\r\nsend two rpc_task to nfs server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56779"
    },
    {
      "cve": "CVE-2024-56780",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56780"
    },
    {
      "cve": "CVE-2024-57884",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim()\r\n\r\nThe task sometimes continues looping in throttle_direct_reclaim() because\r\nallow_direct_reclaim(pgdat) keeps returning false.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-57884"
    },
    {
      "cve": "CVE-2024-57901",
      "cwe": {
        "id": "CWE-664",
        "name": "Improper Control of a Resource Through its Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: vlan_get_protocol_dgram() vs MSG_PEEK Blamed allowing a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-57901"
    },
    {
      "cve": "CVE-2025-0167",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry that omits both login and password. A rare circumstance.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0167"
    },
    {
      "cve": "CVE-2025-0395",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0395"
    },
    {
      "cve": "CVE-2025-0665",
      "cwe": {
        "id": "CWE-1341",
        "name": "Multiple Releases of Same Resource or Handle"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0665"
    },
    {
      "cve": "CVE-2025-0725",
      "cwe": {
        "id": "CWE-680",
        "name": "Integer Overflow to Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0725"
    },
    {
      "cve": "CVE-2025-1390",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PAM module pam_cap.so of libcap configuration supports group names starting with \u201c@\u201d, during actual parsing, configurations not starting with \u201c@\u201d are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-1390"
    },
    {
      "cve": "CVE-2025-3277",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow can be triggered in SQLite\u0027s \u0027concat_ws()\u0027 function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be triggered. This can result in arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-3277"
    },
    {
      "cve": "CVE-2025-3360",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "1. Describe what is the vulnerability about, e.g.:\n    Affected devices do not properly validate input in the hack-me endpoint of the web service.\n\n    2. Describe what an attacker could do with it - e.g.:\n    This could allow an unauthenticated remote attacker to execute arbitrary code on the device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-3360"
    },
    {
      "cve": "CVE-2025-21694",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "fs/proc: softlockup in __read_vmcore",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-21694"
    },
    {
      "cve": "CVE-2025-26466",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-26466"
    },
    {
      "cve": "CVE-2025-29087",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-29087"
    },
    {
      "cve": "CVE-2025-29088",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in sqlite allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-29088"
    },
    {
      "cve": "CVE-2025-32728",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-32728"
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem and recommends to update to the latest version.\n\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Multiple",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-794697.txt"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-166-11 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-166-11.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-166-11 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SIMATIC S7-1500 TM MFP Linux Kernel",
    "tracking": {
      "current_release_date": "2024-04-09T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-23-166-11",
      "initial_release_date": "2023-06-13T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2023-06-13T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2023-07-11T00:00:00.000000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2022-4269, CVE-2023-3141, CVE-2023-3268, CVE-2023-31436, CVE-2023-32233"
        },
        {
          "date": "2023-08-08T00:00:00.000000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-3446, CVE-2023-3389, CVE-2022-1015, \r\nCVE-2023-3609"
        },
        {
          "date": "2023-09-12T00:00:00.000000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-3338"
        },
        {
          "date": "2023-11-14T00:00:00.000000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2023-1206, CVE-2023-2898, CVE-2023-3610, CVE-2023-3611, CVE-2023-3772, CVE-2023-3773, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4273, CVE-2023-4623, CVE-2023-4921, CVE-2023-35001, CVE-2023-37453, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42753, CVE-2023-42755"
        },
        {
          "date": "2023-12-12T00:00:00.000000Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2021-44879, CVE-2023-5178, CVE-2023-5197, CVE-2023-5678, CVE-2023-5717, CVE-2023-31085, CVE-2023-35827, CVE-2023-39189, CVE-2023-42754, CVE-2023-45863, CVE-2023-45871"
        },
        {
          "date": "2024-01-09T00:00:00.000000Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00.000000Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2020-12762, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932, CVE-2023-7008, CVE-2023-7104, CVE-2023-36660, CVE-2023-50495, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-0232, CVE-2024-0553, CVE-2024-0567, CVE-2024-0584, CVE-2024-0684, CVE-2024-22365, CVE-2024-25062"
        },
        {
          "date": "2024-04-09T00:00:00.000000Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added fix for SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
        }
      ],
      "status": "final",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.1",
                "product": {
                  "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2021-3759",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-3759"
    },
    {
      "cve": "CVE-2021-4037",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-4037"
    },
    {
      "cve": "CVE-2021-33655",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-33655"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0171",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-0171"
    },
    {
      "cve": "CVE-2022-1012",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1012"
    },
    {
      "cve": "CVE-2022-1015",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1015"
    },
    {
      "cve": "CVE-2022-1184",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u2019s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1184"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1462",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1462"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-1679",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1679"
    },
    {
      "cve": "CVE-2022-1852",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1852"
    },
    {
      "cve": "CVE-2022-1882",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1882"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2078",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the Linux kernel\u0027s nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2078"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2153",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2153"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2327",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2327"
    },
    {
      "cve": "CVE-2022-2503",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2503"
    },
    {
      "cve": "CVE-2022-2586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2586"
    },
    {
      "cve": "CVE-2022-2588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2602",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2602"
    },
    {
      "cve": "CVE-2022-2663",
      "cwe": {
        "id": "CWE-923",
        "name": "Improper Restriction of Communication Channel to Intended Endpoints"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2663"
    },
    {
      "cve": "CVE-2022-2905",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2905"
    },
    {
      "cve": "CVE-2022-2959",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2959"
    },
    {
      "cve": "CVE-2022-2978",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2978"
    },
    {
      "cve": "CVE-2022-3028",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3104",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3104"
    },
    {
      "cve": "CVE-2022-3115",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3115"
    },
    {
      "cve": "CVE-2022-3169",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3169"
    },
    {
      "cve": "CVE-2022-3303",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3303"
    },
    {
      "cve": "CVE-2022-3521",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3521"
    },
    {
      "cve": "CVE-2022-3524",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3524"
    },
    {
      "cve": "CVE-2022-3534",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3534"
    },
    {
      "cve": "CVE-2022-3545",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3545"
    },
    {
      "cve": "CVE-2022-3564",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3564"
    },
    {
      "cve": "CVE-2022-3565",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3565"
    },
    {
      "cve": "CVE-2022-3586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-3594",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3594"
    },
    {
      "cve": "CVE-2022-3606",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3606"
    },
    {
      "cve": "CVE-2022-3621",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3621"
    },
    {
      "cve": "CVE-2022-3625",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3625"
    },
    {
      "cve": "CVE-2022-3628",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3628"
    },
    {
      "cve": "CVE-2022-3629",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3629"
    },
    {
      "cve": "CVE-2022-3633",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3633"
    },
    {
      "cve": "CVE-2022-3635",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3635"
    },
    {
      "cve": "CVE-2022-3646",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3646"
    },
    {
      "cve": "CVE-2022-3649",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3649"
    },
    {
      "cve": "CVE-2022-4095",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4095"
    },
    {
      "cve": "CVE-2022-4129",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4129"
    },
    {
      "cve": "CVE-2022-4139",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect TLB flush issue was found in the Linux kernel\u2019s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4139"
    },
    {
      "cve": "CVE-2022-4269",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4269"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-4662",
      "cwe": {
        "id": "CWE-455",
        "name": "Non-exit on Failed Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-20421",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-20421"
    },
    {
      "cve": "CVE-2022-20422",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-20422"
    },
    {
      "cve": "CVE-2022-20566",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-20566"
    },
    {
      "cve": "CVE-2022-20572",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-20572"
    },
    {
      "cve": "CVE-2022-21123",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-21123"
    },
    {
      "cve": "CVE-2022-21125",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-21125"
    },
    {
      "cve": "CVE-2022-21166",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-21166"
    },
    {
      "cve": "CVE-2022-21505",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-21505"
    },
    {
      "cve": "CVE-2022-26373",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-26373"
    },
    {
      "cve": "CVE-2022-32250",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-32250"
    },
    {
      "cve": "CVE-2022-32296",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-32296"
    },
    {
      "cve": "CVE-2022-34918",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-34918"
    },
    {
      "cve": "CVE-2022-36123",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-36123"
    },
    {
      "cve": "CVE-2022-36280",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-36280"
    },
    {
      "cve": "CVE-2022-36879",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-36879"
    },
    {
      "cve": "CVE-2022-36946",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb-\u003elen.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-36946"
    },
    {
      "cve": "CVE-2022-39188",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39190",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-39190"
    },
    {
      "cve": "CVE-2022-40307",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-40768",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-40768"
    },
    {
      "cve": "CVE-2022-41218",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-41218"
    },
    {
      "cve": "CVE-2022-41222",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-41222"
    },
    {
      "cve": "CVE-2022-41674",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-41674"
    },
    {
      "cve": "CVE-2022-41849",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-41849"
    },
    {
      "cve": "CVE-2022-41850",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report-\u003evalue is in progress.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-41850"
    },
    {
      "cve": "CVE-2022-42328",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42328"
    },
    {
      "cve": "CVE-2022-42329",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42329"
    },
    {
      "cve": "CVE-2022-42432",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42432"
    },
    {
      "cve": "CVE-2022-42703",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2022-42719",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42719"
    },
    {
      "cve": "CVE-2022-42720",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42720"
    },
    {
      "cve": "CVE-2022-42721",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42721"
    },
    {
      "cve": "CVE-2022-42722",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42722"
    },
    {
      "cve": "CVE-2022-42895",
      "cwe": {
        "id": "CWE-824",
        "name": "Access of Uninitialized Pointer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is an infoleak vulnerability in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42895"
    },
    {
      "cve": "CVE-2022-42896",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There are use-after-free vulnerabilities in the Linux kernel\u0027s net/bluetooth/l2cap_core.c\u0027s l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42896"
    },
    {
      "cve": "CVE-2022-43750",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-43750"
    },
    {
      "cve": "CVE-2022-47518",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-47518"
    },
    {
      "cve": "CVE-2022-47520",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-47520"
    },
    {
      "cve": "CVE-2022-47929",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-47929"
    },
    {
      "cve": "CVE-2022-47946",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-47946"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0590",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0590"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1095",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-1095"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2898",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-2898"
    },
    {
      "cve": "CVE-2023-3141",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3141"
    },
    {
      "cve": "CVE-2023-3268",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3268"
    },
    {
      "cve": "CVE-2023-3338",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference flaw was found in the Linux kernel\u0027s DECnet networking protocol. This issue could allow a remote user to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3338"
    },
    {
      "cve": "CVE-2023-3389",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\r\n\r\nWe recommend upgrading past commit `ef7dfac51d8ed961b742218f526bd589f3900a59`  \r\n(`4716c73b188566865bdd79c3a6709696a224ac04` for 5.10 stable and   \r\n`0e388fce7aec40992eadee654193cad345d62663` for 5.15 stable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3389"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3610",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3610"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3773",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3773"
    },
    {
      "cve": "CVE-2023-3777",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain\u0027s owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3777"
    },
    {
      "cve": "CVE-2023-4004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4015"
    },
    {
      "cve": "CVE-2023-4273",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4273"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5178",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-5178"
    },
    {
      "cve": "CVE-2023-5197",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nAddition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.\r\n\r\nWe recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-5197"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-6606",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-6606"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-7008",
      "cwe": {
        "id": "CWE-300",
        "name": "Channel Accessible by Non-Endpoint"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-7008"
    },
    {
      "cve": "CVE-2023-7104",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-7104"
    },
    {
      "cve": "CVE-2023-23454",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-23454"
    },
    {
      "cve": "CVE-2023-23455",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-23455"
    },
    {
      "cve": "CVE-2023-23559",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-23559"
    },
    {
      "cve": "CVE-2023-26607",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-26607"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-31436",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-31436"
    },
    {
      "cve": "CVE-2023-32233",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-32233"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35827",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-35827"
    },
    {
      "cve": "CVE-2023-36660",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-36660"
    },
    {
      "cve": "CVE-2023-37453",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-37453"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-42753",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-42753"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-50495",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-50495"
    },
    {
      "cve": "CVE-2023-51384",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-51384"
    },
    {
      "cve": "CVE-2023-51385",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-51385"
    },
    {
      "cve": "CVE-2023-51767",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-51767"
    },
    {
      "cve": "CVE-2024-0232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-0232"
    },
    {
      "cve": "CVE-2024-0553",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-0553"
    },
    {
      "cve": "CVE-2024-0567",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-0567"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-0684",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-0684"
    },
    {
      "cve": "CVE-2024-22365",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-22365"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.1 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109827684/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0.\n\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - BIOS and recommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Multiple",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-831302.html"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-831302.txt"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-166-10 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-166-10.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-166-10 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SIMATIC S7-1500 TM MFP BIOS",
    "tracking": {
      "current_release_date": "2024-04-09T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-23-166-10",
      "initial_release_date": "2023-06-13T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2023-06-13T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2023-09-12T00:00:00.000000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2022-1015, CVE-2023-2898, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-4004, CVE-2023-4015, CVE-2023-4128, CVE-2023-4147, CVE-2023-4273"
        },
        {
          "date": "2023-11-14T00:00:00.000000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5156"
        },
        {
          "date": "2023-12-12T00:00:00.000000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2021-44879, CVE-2023-45863"
        },
        {
          "date": "2024-04-09T00:00:00.000000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added fix for SIMATIC S7-1500 TM MFP - BIOS"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.3.0",
                "product": {
                  "name": "SIMATIC S7-1500 TM MFP - BIOS",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP - BIOS"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-20269",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-20269"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28831",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-28831"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-42373",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference in Busybox\u0027s man applet leads to denial of service when a section name is supplied but no page argument is given.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42373"
    },
    {
      "cve": "CVE-2021-42374",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds heap read in Busybox\u0027s unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42374"
    },
    {
      "cve": "CVE-2021-42375",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect handling of a special element in Busybox\u0027s ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42375"
    },
    {
      "cve": "CVE-2021-42376",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference in Busybox\u0027s hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \\x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42376"
    },
    {
      "cve": "CVE-2021-42377",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker-controlled pointer free in Busybox\u0027s hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the \u0026\u0026\u0026 string. This may be used for remote code execution under rare conditions of filtered command input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42377"
    },
    {
      "cve": "CVE-2021-42378",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42378"
    },
    {
      "cve": "CVE-2021-42379",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42379"
    },
    {
      "cve": "CVE-2021-42380",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42380"
    },
    {
      "cve": "CVE-2021-42381",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42381"
    },
    {
      "cve": "CVE-2021-42382",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42382"
    },
    {
      "cve": "CVE-2021-42383",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42383"
    },
    {
      "cve": "CVE-2021-42384",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42384"
    },
    {
      "cve": "CVE-2021-42385",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42385"
    },
    {
      "cve": "CVE-2021-42386",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-42386"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-1015",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1015"
    },
    {
      "cve": "CVE-2022-1882",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1882"
    },
    {
      "cve": "CVE-2022-2585",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2585"
    },
    {
      "cve": "CVE-2022-2588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2905",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-2905"
    },
    {
      "cve": "CVE-2022-3028",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3435",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3435"
    },
    {
      "cve": "CVE-2022-3586",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-4378",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4378"
    },
    {
      "cve": "CVE-2022-4662",
      "cwe": {
        "id": "CWE-455",
        "name": "Non-exit on Failed Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-20421",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-20421"
    },
    {
      "cve": "CVE-2022-20422",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-20422"
    },
    {
      "cve": "CVE-2022-21233",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-21233"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-28391",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-28391"
    },
    {
      "cve": "CVE-2022-30065",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-30065"
    },
    {
      "cve": "CVE-2022-39188",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39190",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-39190"
    },
    {
      "cve": "CVE-2022-40307",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-41222",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-41222"
    },
    {
      "cve": "CVE-2022-42703",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2023-0179",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0179"
    },
    {
      "cve": "CVE-2023-0394",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0394"
    },
    {
      "cve": "CVE-2023-1073",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory corruption flaw was found in the Linux kernel\u2019s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-1073"
    },
    {
      "cve": "CVE-2023-2898",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-2898"
    },
    {
      "cve": "CVE-2023-3390",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in the Linux kernel\u0027s netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit\u00a01240eb93f0616b21c675416516ff3d74798fdc97.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3390"
    },
    {
      "cve": "CVE-2023-3610",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3610"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3776",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-3776"
    },
    {
      "cve": "CVE-2023-4004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4015"
    },
    {
      "cve": "CVE-2023-4128",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4128"
    },
    {
      "cve": "CVE-2023-4147",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u2019s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID allows a local user to crash or escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4147"
    },
    {
      "cve": "CVE-2023-4273",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this vulnerability to overflow the kernel stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4273"
    },
    {
      "cve": "CVE-2023-4527",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4527"
    },
    {
      "cve": "CVE-2023-4806",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4806"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-31248",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-31248"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-45863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.3.0 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109945851/"
        },
        {
          "category": "workaround",
          "details": "Only build and run applications from trusted sources",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-45863"
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version  \u003e= V3.1.0 and \u003c V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nThese GNU/Linux vulnerabilities have been externally identified. \nSiemens has released new versions for the affected products and recommends to update to the latest versions.\n\nNote: This SSA advises vulnerabilities for firmware version V3.1 only; for versions \u003c V3.1 refer to Siemens Security Bulletin SSB-439005 (\nhttps://cert-portal.siemens.com/productcert/html/ssb-439005.html).",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-398330 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json"
      },
      {
        "category": "self",
        "summary": "SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  \u003e= V3.1.0 and \u003c V3.1.5 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-348-10 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-348-10.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-348-10 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SIMATIC S7-1500",
    "tracking": {
      "current_release_date": "2025-08-12T00:00:00.000000Z",
      "generator": {
        "date": "2025-08-14T23:08:55.270985Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-23-348-10",
      "initial_release_date": "2023-12-12T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2023-12-12T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-01-09T00:00:00.000000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added CVE-2021-44879, CVE-2023-46218, CVE-2023-46219, and CVE-2023-48795"
        },
        {
          "date": "2024-02-13T00:00:00.000000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-45898, CVE-2023-46862, CVE-2023-6121, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0584"
        },
        {
          "date": "2024-03-12T00:00:00.000000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added CVE-2023-52425, CVE-2023-52426, CVE-2023-45918"
        },
        {
          "date": "2024-04-09T00:00:00.000000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added CVE-2024-28757"
        },
        {
          "date": "2024-05-14T00:00:00.000000Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-2511, CVE-2024-28085, CVE-2024-28182, CVE-2024-28834, CVE-2024-28835"
        },
        {
          "date": "2024-06-11T00:00:00.000000Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34459"
        },
        {
          "date": "2024-07-09T00:00:00.000000Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Added CVE-2024-5535, CVE-2024-5742"
        },
        {
          "date": "2024-08-13T00:00:00.000000Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added CVE-2017-15422, CVE-2024-7264, CVE-2024-37370, CVE-2024-37371"
        },
        {
          "date": "2024-10-08T00:00:00.000000Z",
          "legacy_version": "1.9",
          "number": "10",
          "summary": "Added CVE-2024-6409, CVE-2024-8096, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492"
        },
        {
          "date": "2024-11-12T00:00:00.000000Z",
          "legacy_version": "2.0",
          "number": "11",
          "summary": "Added CVE-2024-2236, CVE-2024-9143"
        },
        {
          "date": "2024-12-10T00:00:00.000000Z",
          "legacy_version": "2.1",
          "number": "12",
          "summary": "Added CVE-2024-50602, CVE-2024-52533"
        },
        {
          "date": "2025-01-14T00:00:00.000000Z",
          "legacy_version": "2.2",
          "number": "13",
          "summary": "Added CVE-2024-11053"
        },
        {
          "date": "2025-02-11T00:00:00.000000Z",
          "legacy_version": "2.3",
          "number": "14",
          "summary": "Added multiple CVEs"
        },
        {
          "date": "2025-03-11T00:00:00.000000Z",
          "legacy_version": "2.4",
          "number": "15",
          "summary": "Added CVE-2023-52622, CVE-2024-12133, -12243, -26645, -26671, -26679, -26772, -26773, -26777, -26805, -26923, -27020, -27032, -36017, -36484, -36904, -36905, -36934, -39487, -41046, -42106, -42131, -42154, -43871, -44944, -44965, -46743, -46745, -46750, -47684, -47701, -47737, -49881, -49884, -49948, -49949, -49952, -49997, -50006, -50040, -50045, -50251, -50262, -50299, -50301, -53057, -53140, -53165, -53217, CVE-2025-0167, -0395, -0665, -0725, -26465, -26466"
        },
        {
          "date": "2025-04-08T00:00:00.000000Z",
          "legacy_version": "2.5",
          "number": "16",
          "summary": "Added CVE-2025-21694, CVE-2025-1390, CVE-2024-8176, CVE-2024-57901, CVE-2024-57884, CVE-2024-56780, CVE-2024-56779, CVE-2024-56770, CVE-2024-56650, CVE-2024-56644, CVE-2024-56606, CVE-2024-56601, CVE-2024-56600, CVE-2024-56570, CVE-2024-56569, CVE-2024-53164, CVE-2024-53124, CVE-2024-52332, CVE-2024-48881, CVE-2024-47707, CVE-2024-12243"
        },
        {
          "date": "2025-06-10T00:00:00.000000Z",
          "legacy_version": "2.6",
          "number": "17",
          "summary": "Added fix for SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP incl. SIPLUS variants"
        },
        {
          "date": "2025-08-12T00:00:00.000000Z",
          "legacy_version": "2.7",
          "number": "18",
          "summary": "Removed CVE-2021-41617, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-4527, CVE-2023-46218, CVE-2023-46219, CVE-2023-4806, CVE-2023-48795, CVE-2023-4911, CVE-2024-12133, CVE-2024-12243, CVE-2024-28085, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2025-26465, CVE-2025-46836 as they are not fixed in V3.1.5 and advised in SSA-082556"
        }
      ],
      "status": "final",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)",
                  "product_id": "CSAFPID-0002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4AX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)",
                  "product_id": "CSAFPID-0003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AB0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)",
                  "product_id": "CSAFPID-0004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6ES7518-4FX00-1AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003e=3.1.0|\u003c3.1.5",
                "product": {
                  "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)",
                  "product_id": "CSAFPID-0005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6AG1518-4AX00-4AC0"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-0340",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.  NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2013-0340"
    },
    {
      "cve": "CVE-2013-4235",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2013-4235"
    },
    {
      "cve": "CVE-2014-7209",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2014-7209"
    },
    {
      "cve": "CVE-2015-20107",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2015-20107"
    },
    {
      "cve": "CVE-2016-3189",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-3189"
    },
    {
      "cve": "CVE-2016-3709",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Possible cross-site scripting vulnerability in libxml after commit 960f0e2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-3709"
    },
    {
      "cve": "CVE-2016-4658",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-4658"
    },
    {
      "cve": "CVE-2016-5131",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-5131"
    },
    {
      "cve": "CVE-2016-9318",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-9318"
    },
    {
      "cve": "CVE-2016-10228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-10228"
    },
    {
      "cve": "CVE-2016-10739",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2016-10739"
    },
    {
      "cve": "CVE-2017-0663",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-0663"
    },
    {
      "cve": "CVE-2017-7375",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-7375"
    },
    {
      "cve": "CVE-2017-7376",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-7376"
    },
    {
      "cve": "CVE-2017-9047",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. The variable len is assigned strlen(buf). If the content-\u003etype is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content-\u003eprefix is appended to buf (if it actually fits) whereupon (ii) content-\u003ename is written to the buffer. However, the check for whether the content-\u003ename actually fits also uses \u0027len\u0027 rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9047"
    },
    {
      "cve": "CVE-2017-9048",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9048"
    },
    {
      "cve": "CVE-2017-9049",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9049"
    },
    {
      "cve": "CVE-2017-9050",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-9050"
    },
    {
      "cve": "CVE-2017-15422",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-15422"
    },
    {
      "cve": "CVE-2017-16931",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a \u0027%\u0027 character in a DTD name.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-16931"
    },
    {
      "cve": "CVE-2017-16932",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-16932"
    },
    {
      "cve": "CVE-2017-17512",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-17512"
    },
    {
      "cve": "CVE-2017-18258",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2017-18258"
    },
    {
      "cve": "CVE-2018-0495",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-0495"
    },
    {
      "cve": "CVE-2018-12886",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-12886"
    },
    {
      "cve": "CVE-2018-14404",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-14567",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-14567"
    },
    {
      "cve": "CVE-2018-18928",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-18928"
    },
    {
      "cve": "CVE-2018-19591",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-19591"
    },
    {
      "cve": "CVE-2018-20482",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user\u0027s process (e.g., a system backup running as root).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-20482"
    },
    {
      "cve": "CVE-2018-20843",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-20843"
    },
    {
      "cve": "CVE-2018-25032",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2019-3855",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3855"
    },
    {
      "cve": "CVE-2019-3856",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3856"
    },
    {
      "cve": "CVE-2019-3857",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3857"
    },
    {
      "cve": "CVE-2019-3858",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3858"
    },
    {
      "cve": "CVE-2019-3859",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3859"
    },
    {
      "cve": "CVE-2019-3860",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3860"
    },
    {
      "cve": "CVE-2019-3861",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3861"
    },
    {
      "cve": "CVE-2019-3862",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3862"
    },
    {
      "cve": "CVE-2019-3863",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-3863"
    },
    {
      "cve": "CVE-2019-5018",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5018"
    },
    {
      "cve": "CVE-2019-5094",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5094"
    },
    {
      "cve": "CVE-2019-5188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5188"
    },
    {
      "cve": "CVE-2019-5435",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5435"
    },
    {
      "cve": "CVE-2019-5436",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5436"
    },
    {
      "cve": "CVE-2019-5443",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl \u003c= 7.65.1 automatically run the code (as an openssl \"engine\") on invocation. If that curl is invoked by a privileged user it can do anything it wants.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5443"
    },
    {
      "cve": "CVE-2019-5481",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5481"
    },
    {
      "cve": "CVE-2019-5482",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-5482"
    },
    {
      "cve": "CVE-2019-6109",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6109"
    },
    {
      "cve": "CVE-2019-6110",
      "cwe": {
        "id": "CWE-838",
        "name": "Inappropriate Encoding for Output Context"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6110"
    },
    {
      "cve": "CVE-2019-6111",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6111"
    },
    {
      "cve": "CVE-2019-6488",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-6488"
    },
    {
      "cve": "CVE-2019-7309",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-7309"
    },
    {
      "cve": "CVE-2019-8457",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-8457"
    },
    {
      "cve": "CVE-2019-9169",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9169"
    },
    {
      "cve": "CVE-2019-9636",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9636"
    },
    {
      "cve": "CVE-2019-9674",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9674"
    },
    {
      "cve": "CVE-2019-9740",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9740"
    },
    {
      "cve": "CVE-2019-9923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9923"
    },
    {
      "cve": "CVE-2019-9936",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9936"
    },
    {
      "cve": "CVE-2019-9937",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9937"
    },
    {
      "cve": "CVE-2019-9947",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9947"
    },
    {
      "cve": "CVE-2019-9948",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(\u0027local_file:///etc/passwd\u0027) call.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-9948"
    },
    {
      "cve": "CVE-2019-10160",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-10160"
    },
    {
      "cve": "CVE-2019-11360",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-11360"
    },
    {
      "cve": "CVE-2019-12290",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-12290"
    },
    {
      "cve": "CVE-2019-12900",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-12900"
    },
    {
      "cve": "CVE-2019-12904",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor\u0027s position is that the issue report cannot be validated because there is no description of an attack",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-12904"
    },
    {
      "cve": "CVE-2019-13057",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-13057"
    },
    {
      "cve": "CVE-2019-13565",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-13565"
    },
    {
      "cve": "CVE-2019-13627",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-13627"
    },
    {
      "cve": "CVE-2019-15847",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-15847"
    },
    {
      "cve": "CVE-2019-15903",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2019-16056",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-16056"
    },
    {
      "cve": "CVE-2019-16168",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-16168"
    },
    {
      "cve": "CVE-2019-16905",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-16905"
    },
    {
      "cve": "CVE-2019-17498",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17498"
    },
    {
      "cve": "CVE-2019-17543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17543"
    },
    {
      "cve": "CVE-2019-17594",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17594"
    },
    {
      "cve": "CVE-2019-17595",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-17595"
    },
    {
      "cve": "CVE-2019-18224",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-18224"
    },
    {
      "cve": "CVE-2019-18276",
      "cwe": {
        "id": "CWE-273",
        "name": "Improper Check for Dropped Privileges"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-18276"
    },
    {
      "cve": "CVE-2019-18348",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-18348"
    },
    {
      "cve": "CVE-2019-19126",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19126"
    },
    {
      "cve": "CVE-2019-19242",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19242"
    },
    {
      "cve": "CVE-2019-19244",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19244"
    },
    {
      "cve": "CVE-2019-19317",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19317"
    },
    {
      "cve": "CVE-2019-19603",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19603"
    },
    {
      "cve": "CVE-2019-19645",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19645"
    },
    {
      "cve": "CVE-2019-19646",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19646"
    },
    {
      "cve": "CVE-2019-19880",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19880"
    },
    {
      "cve": "CVE-2019-19906",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19906"
    },
    {
      "cve": "CVE-2019-19923",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19923"
    },
    {
      "cve": "CVE-2019-19924",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19924"
    },
    {
      "cve": "CVE-2019-19925",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19925"
    },
    {
      "cve": "CVE-2019-19926",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19926"
    },
    {
      "cve": "CVE-2019-19956",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19956"
    },
    {
      "cve": "CVE-2019-19959",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-19959"
    },
    {
      "cve": "CVE-2019-20218",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20218"
    },
    {
      "cve": "CVE-2019-20367",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20367"
    },
    {
      "cve": "CVE-2019-20388",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20388"
    },
    {
      "cve": "CVE-2019-20795",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20795"
    },
    {
      "cve": "CVE-2019-20907",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-20907"
    },
    {
      "cve": "CVE-2019-25013",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-25013"
    },
    {
      "cve": "CVE-2019-1010022",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010022"
    },
    {
      "cve": "CVE-2019-1010023",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010023"
    },
    {
      "cve": "CVE-2019-1010024",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010024"
    },
    {
      "cve": "CVE-2019-1010025",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010025"
    },
    {
      "cve": "CVE-2019-1010180",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2019-1010180"
    },
    {
      "cve": "CVE-2020-1712",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-1712"
    },
    {
      "cve": "CVE-2020-1751",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-1751"
    },
    {
      "cve": "CVE-2020-1752",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-1752"
    },
    {
      "cve": "CVE-2020-6096",
      "cwe": {
        "id": "CWE-195",
        "name": "Signed to Unsigned Conversion Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \u0027num\u0027 parameter results in a signed comparison vulnerability. If an attacker underflows the \u0027num\u0027 parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-6096"
    },
    {
      "cve": "CVE-2020-7595",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-7595"
    },
    {
      "cve": "CVE-2020-8169",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.62.0 to and including  7.70.0 are vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8169"
    },
    {
      "cve": "CVE-2020-8177",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8177"
    },
    {
      "cve": "CVE-2020-8231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8231"
    },
    {
      "cve": "CVE-2020-8284",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8284"
    },
    {
      "cve": "CVE-2020-8285",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8285"
    },
    {
      "cve": "CVE-2020-8286",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcurl library versions 7.41.0 to and including  7.73.0 are vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. This vulnerability could allow an attacker to pass a revoked certificate as valid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8286"
    },
    {
      "cve": "CVE-2020-8315",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker\u0027s copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system\u0027s copy. Windows 8 and later are unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8315"
    },
    {
      "cve": "CVE-2020-8492",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-8492"
    },
    {
      "cve": "CVE-2020-9327",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-9327"
    },
    {
      "cve": "CVE-2020-10029",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10029"
    },
    {
      "cve": "CVE-2020-10531",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10531"
    },
    {
      "cve": "CVE-2020-10543",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10543"
    },
    {
      "cve": "CVE-2020-10735",
      "cwe": {
        "id": "CWE-704",
        "name": "Incorrect Type Conversion or Cast"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10735"
    },
    {
      "cve": "CVE-2020-10878",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-10878"
    },
    {
      "cve": "CVE-2020-11501",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 \u0027\\0\u0027 bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-11501"
    },
    {
      "cve": "CVE-2020-11655",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object\u0027s initialization is mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-11655"
    },
    {
      "cve": "CVE-2020-11656",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-11656"
    },
    {
      "cve": "CVE-2020-12062",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\u0027s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that \"this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol\" and \"utimes does not fail under normal circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12062"
    },
    {
      "cve": "CVE-2020-12243",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running (for details refer to the updated security manual of WinCC OA).",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12243"
    },
    {
      "cve": "CVE-2020-12723",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12723"
    },
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2020-13434",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13434"
    },
    {
      "cve": "CVE-2020-13435",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13435"
    },
    {
      "cve": "CVE-2020-13529",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13529"
    },
    {
      "cve": "CVE-2020-13630",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13630"
    },
    {
      "cve": "CVE-2020-13631",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13631"
    },
    {
      "cve": "CVE-2020-13632",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13632"
    },
    {
      "cve": "CVE-2020-13776",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13776"
    },
    {
      "cve": "CVE-2020-13777",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13777"
    },
    {
      "cve": "CVE-2020-13871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-13871"
    },
    {
      "cve": "CVE-2020-14145",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-14145"
    },
    {
      "cve": "CVE-2020-14422",
      "cwe": {
        "id": "CWE-682",
        "name": "Incorrect Calculation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-14422"
    },
    {
      "cve": "CVE-2020-15358",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15358"
    },
    {
      "cve": "CVE-2020-15523",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15523"
    },
    {
      "cve": "CVE-2020-15778",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of \"anomalous argument transfers\" because that could \"stand a great chance of breaking existing workflows.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15778"
    },
    {
      "cve": "CVE-2020-15801",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The \u003cexecutable-name\u003e._pth file (e.g., the python._pth file) is not affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-15801"
    },
    {
      "cve": "CVE-2020-19185",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19185"
    },
    {
      "cve": "CVE-2020-19186",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19186"
    },
    {
      "cve": "CVE-2020-19187",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19187"
    },
    {
      "cve": "CVE-2020-19188",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19188"
    },
    {
      "cve": "CVE-2020-19189",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19189"
    },
    {
      "cve": "CVE-2020-19190",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19190"
    },
    {
      "cve": "CVE-2020-19909",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-19909"
    },
    {
      "cve": "CVE-2020-21047",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-21047"
    },
    {
      "cve": "CVE-2020-21913",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-21913"
    },
    {
      "cve": "CVE-2020-22218",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-22218"
    },
    {
      "cve": "CVE-2020-24659",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application\u0027s error handling path, where the gnutls_deinit function is called after detecting a handshake failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-24659"
    },
    {
      "cve": "CVE-2020-24977",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-24977"
    },
    {
      "cve": "CVE-2020-25692",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-25692"
    },
    {
      "cve": "CVE-2020-25709",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP\u2019s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-25709"
    },
    {
      "cve": "CVE-2020-25710",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-25710"
    },
    {
      "cve": "CVE-2020-26116",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-26116"
    },
    {
      "cve": "CVE-2020-27618",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-27618"
    },
    {
      "cve": "CVE-2020-28196",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-28196"
    },
    {
      "cve": "CVE-2020-29361",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29361"
    },
    {
      "cve": "CVE-2020-29362",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29362"
    },
    {
      "cve": "CVE-2020-29363",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29363"
    },
    {
      "cve": "CVE-2020-29562",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29562"
    },
    {
      "cve": "CVE-2020-29573",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-29573"
    },
    {
      "cve": "CVE-2020-35525",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-35525"
    },
    {
      "cve": "CVE-2020-35527",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-35527"
    },
    {
      "cve": "CVE-2020-36221",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36221"
    },
    {
      "cve": "CVE-2020-36222",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36222"
    },
    {
      "cve": "CVE-2020-36223",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36223"
    },
    {
      "cve": "CVE-2020-36224",
      "cwe": {
        "id": "CWE-763",
        "name": "Release of Invalid Pointer or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36224"
    },
    {
      "cve": "CVE-2020-36225",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36225"
    },
    {
      "cve": "CVE-2020-36226",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36226"
    },
    {
      "cve": "CVE-2020-36227",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36227"
    },
    {
      "cve": "CVE-2020-36228",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36228"
    },
    {
      "cve": "CVE-2020-36229",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36229"
    },
    {
      "cve": "CVE-2020-36230",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2020-36230"
    },
    {
      "cve": "CVE-2021-3177",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3177"
    },
    {
      "cve": "CVE-2021-3326",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3326"
    },
    {
      "cve": "CVE-2021-3426",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in Python 3\u0027s pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3426"
    },
    {
      "cve": "CVE-2021-3516",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2\u0027s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3516"
    },
    {
      "cve": "CVE-2021-3517",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3517"
    },
    {
      "cve": "CVE-2021-3518",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3518"
    },
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3520"
    },
    {
      "cve": "CVE-2021-3537",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3537"
    },
    {
      "cve": "CVE-2021-3541",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3541"
    },
    {
      "cve": "CVE-2021-3580",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the way nettle\u0027s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3580"
    },
    {
      "cve": "CVE-2021-3733",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There\u0027s a flaw in urllib\u0027s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3733"
    },
    {
      "cve": "CVE-2021-3737",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3737"
    },
    {
      "cve": "CVE-2021-3826",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3826"
    },
    {
      "cve": "CVE-2021-3997",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3997"
    },
    {
      "cve": "CVE-2021-3998",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3998"
    },
    {
      "cve": "CVE-2021-3999",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-3999"
    },
    {
      "cve": "CVE-2021-4122",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-4122"
    },
    {
      "cve": "CVE-2021-4189",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-4189"
    },
    {
      "cve": "CVE-2021-4209",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle\u0027s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-4209"
    },
    {
      "cve": "CVE-2021-20193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20193"
    },
    {
      "cve": "CVE-2021-20227",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in SQLite\u0027s SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20227"
    },
    {
      "cve": "CVE-2021-20231",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20231"
    },
    {
      "cve": "CVE-2021-20232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20232"
    },
    {
      "cve": "CVE-2021-20305",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-20305"
    },
    {
      "cve": "CVE-2021-22876",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22876"
    },
    {
      "cve": "CVE-2021-22890",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22890"
    },
    {
      "cve": "CVE-2021-22897",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22897"
    },
    {
      "cve": "CVE-2021-22898",
      "cwe": {
        "id": "CWE-909",
        "name": "Missing Initialization of Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "**NOTE: CVE-2021-22898 is an incomplete fix (see https://hackerone.com/reports/1223882)! Check if affected products also have fixed CVE-22925 instead! Do not use CVE-2021-22898 in public advisories!**\r\n\r\ncurl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22898"
    },
    {
      "cve": "CVE-2021-22901",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22901"
    },
    {
      "cve": "CVE-2021-22922",
      "cwe": {
        "id": "CWE-354",
        "name": "Improper Validation of Integrity Check Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22922"
    },
    {
      "cve": "CVE-2021-22923",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user\u0027s expectations and intentions and without telling the user it happened.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22923"
    },
    {
      "cve": "CVE-2021-22924",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can set to qualify how to verify the server certificate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22924"
    },
    {
      "cve": "CVE-2021-22925",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server. Therefore potentially revealing sensitive internal information to the server using a clear-text network protocol. This could happen because curl did not call and use sscanf() correctly when parsing the string provided by the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22925"
    },
    {
      "cve": "CVE-2021-22926",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22926"
    },
    {
      "cve": "CVE-2021-22945",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When sending data to an MQTT server, libcurl \u003c= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22945"
    },
    {
      "cve": "CVE-2021-22946",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22946"
    },
    {
      "cve": "CVE-2021-22947",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003e= 7.20.0 and \u003c= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker\u0027s injected data comes from the TLS-protected server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-22947"
    },
    {
      "cve": "CVE-2021-23336",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-23336"
    },
    {
      "cve": "CVE-2021-27212",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27212"
    },
    {
      "cve": "CVE-2021-27218",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27218"
    },
    {
      "cve": "CVE-2021-27219",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27219"
    },
    {
      "cve": "CVE-2021-27645",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-27645"
    },
    {
      "cve": "CVE-2021-28041",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28041"
    },
    {
      "cve": "CVE-2021-28153",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28153"
    },
    {
      "cve": "CVE-2021-28363",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn\u0027t given via proxy_config) doesn\u0027t verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28363"
    },
    {
      "cve": "CVE-2021-28861",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states \"Warning: http.server is not recommended for production. It only implements basic security checks.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-28861"
    },
    {
      "cve": "CVE-2021-31239",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue found in SQLite SQLite3 v.3.35.4 that could allow a remote attacker to cause a denial of service via the appendvfs.c function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-31239"
    },
    {
      "cve": "CVE-2021-32292",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-32292"
    },
    {
      "cve": "CVE-2021-33294",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33294"
    },
    {
      "cve": "CVE-2021-33560",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33560"
    },
    {
      "cve": "CVE-2021-33574",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33574"
    },
    {
      "cve": "CVE-2021-33910",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The use of alloca function with an uncontrolled size in function unit_name_path_escape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-33910"
    },
    {
      "cve": "CVE-2021-35942",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-35942"
    },
    {
      "cve": "CVE-2021-36084",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36084"
    },
    {
      "cve": "CVE-2021-36085",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36085"
    },
    {
      "cve": "CVE-2021-36086",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36086"
    },
    {
      "cve": "CVE-2021-36087",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36087"
    },
    {
      "cve": "CVE-2021-36222",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36222"
    },
    {
      "cve": "CVE-2021-36690",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-36690"
    },
    {
      "cve": "CVE-2021-37600",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-37600"
    },
    {
      "cve": "CVE-2021-37750",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-37750"
    },
    {
      "cve": "CVE-2021-38604",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-38604"
    },
    {
      "cve": "CVE-2021-43396",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-43396"
    },
    {
      "cve": "CVE-2021-43618",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-43618"
    },
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2021-45960",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-45960"
    },
    {
      "cve": "CVE-2021-46143",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46143"
    },
    {
      "cve": "CVE-2021-46195",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46195"
    },
    {
      "cve": "CVE-2021-46828",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46828"
    },
    {
      "cve": "CVE-2021-46848",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2021-46848"
    },
    {
      "cve": "CVE-2022-0391",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like \u0027\\r\u0027 and \u0027\\n\u0027 in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-0391"
    },
    {
      "cve": "CVE-2022-0563",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-0563"
    },
    {
      "cve": "CVE-2022-0778",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The BN_mod_sqrt() function in openSSL, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-1271",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An arbitrary file write vulnerability was found in GNU gzip\u0027s zgrep utility. When zgrep is applied on the attacker\u0027s chosen file name (for example, a crafted file name), this can overwrite an attacker\u0027s content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-1292",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1304",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1304"
    },
    {
      "cve": "CVE-2022-1343",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1343"
    },
    {
      "cve": "CVE-2022-1434",
      "cwe": {
        "id": "CWE-327",
        "name": "Use of a Broken or Risky Cryptographic Algorithm"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1434"
    },
    {
      "cve": "CVE-2022-1473",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-1473"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2097",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn\u0027t written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2274",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2274"
    },
    {
      "cve": "CVE-2022-2509",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-2509"
    },
    {
      "cve": "CVE-2022-3715",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-3715"
    },
    {
      "cve": "CVE-2022-3821",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-3821"
    },
    {
      "cve": "CVE-2022-4304",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable the use of RSA ciphers in the web server configuration; note that RSA ciphers are disabled by default",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-4450",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not import or configure certificate files in PEM format from untrusted sources",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-22576",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-22822",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22822"
    },
    {
      "cve": "CVE-2022-22823",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22823"
    },
    {
      "cve": "CVE-2022-22824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22824"
    },
    {
      "cve": "CVE-2022-22825",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22825"
    },
    {
      "cve": "CVE-2022-22826",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22826"
    },
    {
      "cve": "CVE-2022-22827",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-22827"
    },
    {
      "cve": "CVE-2022-23218",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23218"
    },
    {
      "cve": "CVE-2022-23219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-23308",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23308"
    },
    {
      "cve": "CVE-2022-23852",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23852"
    },
    {
      "cve": "CVE-2022-23990",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-23990"
    },
    {
      "cve": "CVE-2022-24407",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-24407"
    },
    {
      "cve": "CVE-2022-25235",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25235"
    },
    {
      "cve": "CVE-2022-25236",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2022-25313",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25313"
    },
    {
      "cve": "CVE-2022-25314",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25314"
    },
    {
      "cve": "CVE-2022-25315",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-25315"
    },
    {
      "cve": "CVE-2022-26488",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-26488"
    },
    {
      "cve": "CVE-2022-27774",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27775",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27775"
    },
    {
      "cve": "CVE-2022-27776",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27778",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27778"
    },
    {
      "cve": "CVE-2022-27779",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27779"
    },
    {
      "cve": "CVE-2022-27780",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27780"
    },
    {
      "cve": "CVE-2022-27781",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-27943",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-27943"
    },
    {
      "cve": "CVE-2022-28321",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn\u0027t correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-28321"
    },
    {
      "cve": "CVE-2022-29155",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-29155"
    },
    {
      "cve": "CVE-2022-29824",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-29824"
    },
    {
      "cve": "CVE-2022-30115",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-30115"
    },
    {
      "cve": "CVE-2022-32205",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32205"
    },
    {
      "cve": "CVE-2022-32206",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32207",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32207"
    },
    {
      "cve": "CVE-2022-32208",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-35252",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-35260",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-35260"
    },
    {
      "cve": "CVE-2022-35737",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-35737"
    },
    {
      "cve": "CVE-2022-37434",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-40303",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-40303"
    },
    {
      "cve": "CVE-2022-40304",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-40304"
    },
    {
      "cve": "CVE-2022-40674",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-40674"
    },
    {
      "cve": "CVE-2022-42898",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-42898"
    },
    {
      "cve": "CVE-2022-42915",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-42915"
    },
    {
      "cve": "CVE-2022-42916",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-42916"
    },
    {
      "cve": "CVE-2022-43551",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in curl \u003c7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop U+002E (.). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-43551"
    },
    {
      "cve": "CVE-2022-43552",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-43680",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-43680"
    },
    {
      "cve": "CVE-2022-45061",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-45061"
    },
    {
      "cve": "CVE-2022-45873",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-45873"
    },
    {
      "cve": "CVE-2022-46908",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-46908"
    },
    {
      "cve": "CVE-2022-48303",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-48303"
    },
    {
      "cve": "CVE-2022-48522",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-48522"
    },
    {
      "cve": "CVE-2022-48560",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free exists in Python through 3.9 via heappushpop in heapq.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2022-48560"
    },
    {
      "cve": "CVE-2023-0215",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable CRL (certification revocation list) checking, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0361",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0361"
    },
    {
      "cve": "CVE-2023-0464",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\r\nimplicitly enable the certificate policy check when doing certificate\r\nverification. However the implementation of the function does not\r\nenable the check which allows certificates with invalid or incorrect\r\npolicies to pass the certificate verification.\r\n\r\nAs suddenly enabling the policy check could break existing deployments it was\r\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\r\nfunction.\r\n\r\nInstead the applications that require OpenSSL to perform certificate\r\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\r\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\r\nthe X509_V_FLAG_POLICY_CHECK flag argument.\r\n\r\nCertificate policy checks are disabled by default in OpenSSL and are not\r\ncommonly used by applications.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0687",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It\u0027s basically trusted input or input that needs an actual security flaw to be compromised or controlled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-0687"
    },
    {
      "cve": "CVE-2023-1077",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-1206",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-1206"
    },
    {
      "cve": "CVE-2023-2650",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-2650"
    },
    {
      "cve": "CVE-2023-2953",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3212",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3212"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3609",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3609"
    },
    {
      "cve": "CVE-2023-3611",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3611"
    },
    {
      "cve": "CVE-2023-3772",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3772"
    },
    {
      "cve": "CVE-2023-3817",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-3817"
    },
    {
      "cve": "CVE-2023-4016",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Under some circumstances, this weakness allows a user who has access to run the \u201cps\u201d utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4016"
    },
    {
      "cve": "CVE-2023-4039",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4039"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4623"
    },
    {
      "cve": "CVE-2023-4807",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4807"
    },
    {
      "cve": "CVE-2023-4813",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4813"
    },
    {
      "cve": "CVE-2023-4921",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-4921"
    },
    {
      "cve": "CVE-2023-5156",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5156"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-5981",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-5981"
    },
    {
      "cve": "CVE-2023-6121",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6817",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6817"
    },
    {
      "cve": "CVE-2023-6931",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-23914",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-23914"
    },
    {
      "cve": "CVE-2023-23915",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "For earlier versions see the recommendations from section Workarounds and Mitigations",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-23915"
    },
    {
      "cve": "CVE-2023-23916",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-23916"
    },
    {
      "cve": "CVE-2023-24329",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-24329"
    },
    {
      "cve": "CVE-2023-25136",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states \"remote code execution is theoretically possible.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-25136"
    },
    {
      "cve": "CVE-2023-25139",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-25139"
    },
    {
      "cve": "CVE-2023-26604",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-26604"
    },
    {
      "cve": "CVE-2023-27371",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more \u0027\\0\u0027 bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27371"
    },
    {
      "cve": "CVE-2023-27533",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27537",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27537"
    },
    {
      "cve": "CVE-2023-27538",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-28484",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-28484"
    },
    {
      "cve": "CVE-2023-29383",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29383"
    },
    {
      "cve": "CVE-2023-29469",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the \u0027\\0\u0027 value).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29469"
    },
    {
      "cve": "CVE-2023-29491",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29491"
    },
    {
      "cve": "CVE-2023-29499",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-29499"
    },
    {
      "cve": "CVE-2023-31085",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-31085"
    },
    {
      "cve": "CVE-2023-32611",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32611"
    },
    {
      "cve": "CVE-2023-32636",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32636"
    },
    {
      "cve": "CVE-2023-32643",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32643"
    },
    {
      "cve": "CVE-2023-32665",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running. Note that this is the default configuration, which therefore limits the exploitability to local attacks only.",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-32665"
    },
    {
      "cve": "CVE-2023-34319",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The fix for XSA-423 added logic to Linux\u0027es netback driver to deal with\na frontend splitting a packet in a way such that not all of the headers\nwould come in one piece.  Unfortunately the logic introduced there\ndidn\u0027t account for the extreme case of the entire packet being split\ninto as many pieces as permitted by the protocol, yet still being\nsmaller than the area that\u0027s specially dealt with to keep all (possible)\nheaders together.  Such an unusual packet would therefore trigger a\nbuffer overrun in the driver.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-34319"
    },
    {
      "cve": "CVE-2023-34969",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-34969"
    },
    {
      "cve": "CVE-2023-35001",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-35945",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u2019s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-35945"
    },
    {
      "cve": "CVE-2023-38408",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-39128",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39128"
    },
    {
      "cve": "CVE-2023-39189",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39192",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39192"
    },
    {
      "cve": "CVE-2023-39193",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-39615",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-39615"
    },
    {
      "cve": "CVE-2023-40283",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-40283"
    },
    {
      "cve": "CVE-2023-42754",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42755",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-42755"
    },
    {
      "cve": "CVE-2023-45322",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor\u0027s position is \"I don\u0027t think these issues are critical enough to warrant a CVE ID ... because an attacker typically can\u0027t control when memory allocations fail.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45322"
    },
    {
      "cve": "CVE-2023-45853",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45853"
    },
    {
      "cve": "CVE-2023-45871",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-45898",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45898"
    },
    {
      "cve": "CVE-2023-45918",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-45918"
    },
    {
      "cve": "CVE-2023-46862",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-46862"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2023-52444",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() ... if (old_dir != new_dir \u0026\u0026 !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0); You want correct inumber in the \"..\" link. And cross-directory rename does move the source to new parent, even if you\u0027d been asked to leave a whiteout in the old place. [1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ With below testcase, it may cause dirent corruption, due to it missed to call f2fs_set_link() to update \"..\" link to new directory. - mkdir -p dir/foo - renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) --\u003e Bad inode number[0x4] for \u0027..\u0027, parent parent ino is [0x3] [FSCK] other corrupted bugs [Fail]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52444"
    },
    {
      "cve": "CVE-2023-52464",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function \u0027thunderx_ocx_com_threaded_isr\u0027: drivers/edac/thunderx_edac.c:1136:17: error: \u0027strncat\u0027 specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52464"
    },
    {
      "cve": "CVE-2023-52612",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req-\u003edst buffer overflow The req-\u003edst buffer size should be checked before copying from the scomp_scratch-\u003edst to avoid req-\u003edst buffer overflow problem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52612"
    },
    {
      "cve": "CVE-2023-52622",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52622"
    },
    {
      "cve": "CVE-2023-52675",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52675"
    },
    {
      "cve": "CVE-2023-52699",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sysv: don\u0027t call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A \"write_lock(\u0026pointers_lock) =\u003e read_lock(\u0026pointers_lock) deadlock\" bug and a \"sb_bread() with write_lock(\u0026pointers_lock)\" bug were introduced by \"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12. Then, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the former bug by moving pointers_lock lock to the callers, but instead introduced a \"sb_bread() with read_lock(\u0026pointers_lock)\" bug (which made this problem easier to hit). Al Viro suggested that why not to do like get_branch()/get_block()/ find_shared() in Minix filesystem does. And doing like that is almost a revert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch() from with find_shared() is called without write_lock(\u0026pointers_lock).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2023-52699"
    },
    {
      "cve": "CVE-2024-0584",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-0584"
    },
    {
      "cve": "CVE-2024-2004",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled.      curl --proto -all,-http http://curl.se  The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2004"
    },
    {
      "cve": "CVE-2024-2236",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2236"
    },
    {
      "cve": "CVE-2024-2379",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2379"
    },
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory.  Further, this error condition fails silently and is therefore not easily detected by an application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-2466",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS.  libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2466"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-5742",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-5742"
    },
    {
      "cve": "CVE-2024-6409",
      "cwe": {
        "id": "CWE-364",
        "name": "Signal Handler Race Condition"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A race condition vulnerability was discovered in how signals are handled by OpenSSH\u0027s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd\u0027s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-6409"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-8096",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than \u0027revoked\u0027 (like for example \u0027unauthorized\u0027) it is not treated as a bad certficate.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-8096"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-26645",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26645"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26671"
    },
    {
      "cve": "CVE-2024-26679",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26679"
    },
    {
      "cve": "CVE-2024-26772",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26772"
    },
    {
      "cve": "CVE-2024-26773",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26773"
    },
    {
      "cve": "CVE-2024-26777",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26777"
    },
    {
      "cve": "CVE-2024-26805",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26805"
    },
    {
      "cve": "CVE-2024-26835",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26835"
    },
    {
      "cve": "CVE-2024-26863",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26863"
    },
    {
      "cve": "CVE-2024-26878",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26878"
    },
    {
      "cve": "CVE-2024-26880",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26880"
    },
    {
      "cve": "CVE-2024-26898",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26898"
    },
    {
      "cve": "CVE-2024-26901",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26901"
    },
    {
      "cve": "CVE-2024-26923",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26923"
    },
    {
      "cve": "CVE-2024-26957",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26957"
    },
    {
      "cve": "CVE-2024-26973",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-26973"
    },
    {
      "cve": "CVE-2024-27020",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27020"
    },
    {
      "cve": "CVE-2024-27032",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULT_BLOCK is on, it is possible that f2fs_reserve_new_block() will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 and only FAULT_BLOCK fault type is on, it may encounter deadloop in loop of block reservation. Let\u0027s change as below to fix these issues: - remove bug_on() to avoid panic. - limit the loop count of block reservation to avoid potential deadloop.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27032"
    },
    {
      "cve": "CVE-2024-27065",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27065"
    },
    {
      "cve": "CVE-2024-27074",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-27074"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync.  This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28757",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-28834",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-28835",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-28835"
    },
    {
      "cve": "CVE-2024-33621",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-33621"
    },
    {
      "cve": "CVE-2024-34459",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-34459"
    },
    {
      "cve": "CVE-2024-35807",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35807"
    },
    {
      "cve": "CVE-2024-35809",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35809"
    },
    {
      "cve": "CVE-2024-35830",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35830"
    },
    {
      "cve": "CVE-2024-35888",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb-\u003ehead.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35888"
    },
    {
      "cve": "CVE-2024-35910",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test a patch I wrote two years ago. When TCP sockets are closed, we call inet_csk_clear_xmit_timers() to \u0027stop\u0027 the timers. inet_csk_clear_xmit_timers() can be called from any context, including when socket lock is held. This is the reason it uses sk_stop_timer(), aka del_timer(). This means that ongoing timers might finish much later. For user sockets, this is fine because each running timer holds a reference on the socket, and the user socket holds a reference on the netns. For kernel sockets, we risk that the netns is freed before timer can complete, because kernel sockets do not hold reference on the netns. This patch adds inet_csk_clear_xmit_timers_sync() function that using sk_stop_timer_sync() to make sure all timers are terminated before the kernel socket is released. Modules using kernel sockets close them in their netns exit() handler. Also add sock_not_owned_by_me() helper to get LOCKDEP support : inet_csk_clear_xmit_timers_sync() must not be called while socket lock is held. It is very possible we can revert in the future commit 3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\") which attempted to solve the issue in rds only. (net/smc/af_smc.c and net/mptcp/subflow.c have similar code) We probably can remove the check_net() tests from tcp_out_of_resources() and __tcp_close() in the future.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35910"
    },
    {
      "cve": "CVE-2024-35925",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "block: prevent division by zero in blk_rq_stat_sum()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35925"
    },
    {
      "cve": "CVE-2024-35944",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-35944"
    },
    {
      "cve": "CVE-2024-36017",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36017"
    },
    {
      "cve": "CVE-2024-36286",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36286"
    },
    {
      "cve": "CVE-2024-36484",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36484"
    },
    {
      "cve": "CVE-2024-36904",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36904"
    },
    {
      "cve": "CVE-2024-36905",
      "cwe": {
        "id": "CWE-369",
        "name": "Divide By Zero"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36905"
    },
    {
      "cve": "CVE-2024-36934",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-36934"
    },
    {
      "cve": "CVE-2024-37356",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-37356"
    },
    {
      "cve": "CVE-2024-38596",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38596"
    },
    {
      "cve": "CVE-2024-38598",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38598"
    },
    {
      "cve": "CVE-2024-38612",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38612"
    },
    {
      "cve": "CVE-2024-38621",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The -\u003elength is the length of the buffer. The -\u003ebytesused is how many bytes we have copied thus far. When the condition is reversed that means the result of the subtraction is always negative but since it\u0027s unsigned then the result is a very high positive value. That means the overflow check is never true. Additionally, the -\u003ebytesused doesn\u0027t actually work for this purpose because we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the math to calculate the destination where we are writing is a bit involved. You calculate the number of full lines already written, multiply by two, skip a line if necessary so that we start on an odd numbered line, and add the offset into the line. To fix this buffer overflow, just take the actual destination where we are writing, if the offset is already out of bounds print an error and return. Otherwise, write up to buf-\u003elength bytes.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38621"
    },
    {
      "cve": "CVE-2024-38780",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-38780"
    },
    {
      "cve": "CVE-2024-39292",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39292"
    },
    {
      "cve": "CVE-2024-39469",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfs_check_folio() fails, it will falsely determine the directory as empty and corrupt the file system. In addition, since nilfs_empty_dir() does not immediately return on a failed folio/page read, but continues to loop, this can cause a long loop with I/O if i_size of the directory\u0027s inode is also corrupted, causing the log writer thread to wait and hang, as reported by syzbot. Fix these issues by making nilfs_empty_dir() immediately return a false value (0) if it fails to get a directory folio/page.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39469"
    },
    {
      "cve": "CVE-2024-39487",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39487"
    },
    {
      "cve": "CVE-2024-39489",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-39489"
    },
    {
      "cve": "CVE-2024-40901",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-40901"
    },
    {
      "cve": "CVE-2024-40959",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-40959"
    },
    {
      "cve": "CVE-2024-41046",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-41046"
    },
    {
      "cve": "CVE-2024-42070",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42070"
    },
    {
      "cve": "CVE-2024-42096",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42096"
    },
    {
      "cve": "CVE-2024-42106",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42106"
    },
    {
      "cve": "CVE-2024-42131",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. So when converting dirty limits from ratios to numbers of pages, we just don\u0027t allow the result to exceed UINT_MAX. This is root-only triggerable problem which occurs when the operator sets dirty limits to \u003e16 TB.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42131"
    },
    {
      "cve": "CVE-2024-42154",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don\u0027t see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn\u0027t have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-42154"
    },
    {
      "cve": "CVE-2024-43871",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-43871"
    },
    {
      "cve": "CVE-2024-44944",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-44944"
    },
    {
      "cve": "CVE-2024-44965",
      "cwe": {
        "id": "CWE-229",
        "name": "Improper Handling of Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack guard. It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386. These assumptions can cause the end condition to malfunction, leading to a \u0027short\u0027 clone. Guess what happens when the user mapping has a short copy of the entry text? Use the correct increment form for addr to avoid alignment assumptions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-44965"
    },
    {
      "cve": "CVE-2024-46743",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-46743"
    },
    {
      "cve": "CVE-2024-46745",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request. Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-46745"
    },
    {
      "cve": "CVE-2024-46750",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-46750"
    },
    {
      "cve": "CVE-2024-47684",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: check skb is non-NULL in tcp_rto_delta_us()\r\n\r\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\r\nkernel that are running ceph and recently hit a null ptr dereference in\r\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\r\nsaw it getting hit from the RACK case as well. Here are examples of the oops\r\nmessages we saw in each of those cases:\r\n\r\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\r\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\r\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\r\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\r\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\r\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\r\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\r\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\r\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\r\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\r\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\r\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\r\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\r\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\r\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\r\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\r\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\r\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\r\nJul 26 15:05:02 rx [11061395.919488]\r\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\r\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\r\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\r\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\r\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\r\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\r\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\r\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\r\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\r\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\r\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\r\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\r\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\r\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\r\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\r\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\r\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\r\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\r\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\r\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\r\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47684"
    },
    {
      "cve": "CVE-2024-47701",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47701"
    },
    {
      "cve": "CVE-2024-47707",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ipv6: A NULL dereference vulnerability may occur in rt6_uncached_list_flush_dev() due to the necessary check being removed by a previous commit.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47707"
    },
    {
      "cve": "CVE-2024-47737",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-47737"
    },
    {
      "cve": "CVE-2024-48881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-48881"
    },
    {
      "cve": "CVE-2024-49881",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49881"
    },
    {
      "cve": "CVE-2024-49884",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49884"
    },
    {
      "cve": "CVE-2024-49948",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49948"
    },
    {
      "cve": "CVE-2024-49949",
      "cwe": {
        "id": "CWE-124",
        "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49949"
    },
    {
      "cve": "CVE-2024-49952",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49952"
    },
    {
      "cve": "CVE-2024-49982",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put() instead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs into use-after-free. Then Nicolai Stange found more places in aoe have potential use-after-free problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe() and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push packet to tx queue. So they should also use dev_hold() to increase the refcnt of skb-\u003edev. On the other hand, moving dev_put() to tx() causes that the refcnt of skb-\u003edev be reduced to a negative value, because corresponding dev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(), probe(), and aoecmd_cfg_rsp(). This patch fixed this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49982"
    },
    {
      "cve": "CVE-2024-49997",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-49997"
    },
    {
      "cve": "CVE-2024-50006",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50006"
    },
    {
      "cve": "CVE-2024-50040",
      "cwe": {
        "id": "CWE-390",
        "name": "Detection of Error Condition Without Action"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50040"
    },
    {
      "cve": "CVE-2024-50045",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50045"
    },
    {
      "cve": "CVE-2024-50251",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50251"
    },
    {
      "cve": "CVE-2024-50262",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50262"
    },
    {
      "cve": "CVE-2024-50299",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb()",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50299"
    },
    {
      "cve": "CVE-2024-50301",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50301"
    },
    {
      "cve": "CVE-2024-50602",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-52332",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-52332"
    },
    {
      "cve": "CVE-2024-52533",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\\\0\u0027 character.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-52533"
    },
    {
      "cve": "CVE-2024-53057",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53057"
    },
    {
      "cve": "CVE-2024-53124",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: fix data-races around sk sk_forward_alloc.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53124"
    },
    {
      "cve": "CVE-2024-53140",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual dump helper, keeps getting called until it returns 0 - done - (optional) pairs with .start, can be used for cleanup The whole process is asynchronous and the repeated calls to .dump don\u0027t actually happen in a tight loop, but rather are triggered in response to recvmsg() on the socket. This gives the user full control over the dump, but also means that the user can close the socket without getting to the end of the dump. To make sure .start is always paired with .done we check if there is an ongoing dump before freeing the socket, and if so call .done. The complication is that sockets can get freed from BH and .done is allowed to sleep. So we use a workqueue to defer the call, when needed. Unfortunately this does not work correctly. What we defer is not the cleanup but rather releasing a reference on the socket. We have no guarantee that we own the last reference, if someone else holds the socket they may release it in BH and we\u0027re back to square one. The whole dance, however, appears to be unnecessary. Only the user can interact with dumps, so we can clean up when socket is closed. And close always happens in process context. Some async code may still access the socket after close, queue notification skbs to it etc. but no dumps can start, end or otherwise make progress. Delete the workqueue and flush the dump state directly from the release handler. Note that further cleanup is possible in -next, for instance we now always call .done before releasing the main module reference, so dump doesn\u0027t have to take a reference of its own.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53140"
    },
    {
      "cve": "CVE-2024-53164",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch-\u003eq.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53164"
    },
    {
      "cve": "CVE-2024-53165",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever removing it from intc_list which would lead to a use after free. To fix this, let\u0027s only add it to the list after everything has succeeded.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53165"
    },
    {
      "cve": "CVE-2024-53217",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-53217"
    },
    {
      "cve": "CVE-2024-56433",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "notes": [
        {
          "category": "summary",
          "text": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56433"
    },
    {
      "cve": "CVE-2024-56569",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo \"write*:mod:ext3\" \u003e /sys/kernel/tracing/stack_trace_filter The current mod command causes a null pointer dereference. While commit 0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56569"
    },
    {
      "cve": "CVE-2024-56570",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function.This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56570"
    },
    {
      "cve": "CVE-2024-56600",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the sock sk pointer on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56600"
    },
    {
      "cve": "CVE-2024-56601",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling pointer, which may create use-after-free later. Clear the sk pointer in the sock object on error.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56601"
    },
    {
      "cve": "CVE-2024-56606",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and cause use-after-free.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56606"
    },
    {
      "cve": "CVE-2024-56644",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is executed for an expired IPv6 route located in the exception table.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56644"
    },
    {
      "cve": "CVE-2024-56650",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56650"
    },
    {
      "cve": "CVE-2024-56770",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "net/sched: netem: The interface fully stops transferring packets and \"locks\". In this case, the child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at its limit and no more packets are accepted.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56770"
    },
    {
      "cve": "CVE-2024-56779",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur\r\n\r\nThe action force umount(umount -f) will attempt to kill all rpc_task even\r\numount operation may ultimately fail if some files remain open.\r\nConsequently, if an action attempts to open a file, it can potentially\r\nsend two rpc_task to nfs server.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56779"
    },
    {
      "cve": "CVE-2024-56780",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "notes": [
        {
          "category": "summary",
          "text": "quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-56780"
    },
    {
      "cve": "CVE-2024-57884",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim()\r\n\r\nThe task sometimes continues looping in throttle_direct_reclaim() because\r\nallow_direct_reclaim(pgdat) keeps returning false.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-57884"
    },
    {
      "cve": "CVE-2024-57901",
      "cwe": {
        "id": "CWE-664",
        "name": "Improper Control of a Resource Through its Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "af_packet: vlan_get_protocol_dgram() vs MSG_PEEK Blamed allowing a crash.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2024-57901"
    },
    {
      "cve": "CVE-2025-0167",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry that omits both login and password. A rare circumstance.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0167"
    },
    {
      "cve": "CVE-2025-0395",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0395"
    },
    {
      "cve": "CVE-2025-0665",
      "cwe": {
        "id": "CWE-1341",
        "name": "Multiple Releases of Same Resource or Handle"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0665"
    },
    {
      "cve": "CVE-2025-0725",
      "cwe": {
        "id": "CWE-680",
        "name": "Integer Overflow to Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-0725"
    },
    {
      "cve": "CVE-2025-1390",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The PAM module pam_cap.so of libcap configuration supports group names starting with \u201c@\u201d, during actual parsing, configurations not starting with \u201c@\u201d are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-1390"
    },
    {
      "cve": "CVE-2025-3277",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An integer overflow can be triggered in SQLite\u0027s \u0027concat_ws()\u0027 function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size 4GB can be triggered. This can result in arbitrary code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-3277"
    },
    {
      "cve": "CVE-2025-3360",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "1. Describe what is the vulnerability about, e.g.:\n    Affected devices do not properly validate input in the hack-me endpoint of the web service.\n\n    2. Describe what an attacker could do with it - e.g.:\n    This could allow an unauthenticated remote attacker to execute arbitrary code on the device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-3360"
    },
    {
      "cve": "CVE-2025-21694",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "summary",
          "text": "fs/proc: softlockup in __read_vmcore",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-21694"
    },
    {
      "cve": "CVE-2025-26466",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-26466"
    },
    {
      "cve": "CVE-2025-29087",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In SQLite, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-29087"
    },
    {
      "cve": "CVE-2025-29088",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in sqlite allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-29088"
    },
    {
      "cve": "CVE-2025-32728",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only build and run applications from trusted sources.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.5 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005"
          ]
        }
      ],
      "title": "CVE-2025-32728"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2021-44879",
    "description": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
    "id": "GSD-2021-44879",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-44879.html",
      "https://ubuntu.com/security/CVE-2021-44879",
      "https://security.archlinux.org/CVE-2021-44879"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-44879"
      ],
      "details": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
      "id": "GSD-2021-44879",
      "modified": "2023-12-13T01:23:20.237405Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-44879",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3",
            "refsource": "CONFIRM",
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3"
          },
          {
            "name": "https://bugzilla.kernel.org/show_bug.cgi?id=215231",
            "refsource": "MISC",
            "url": "https://bugzilla.kernel.org/show_bug.cgi?id=215231"
          },
          {
            "name": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T/",
            "refsource": "MISC",
            "url": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T/"
          },
          {
            "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f",
            "refsource": "MISC",
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f"
          },
          {
            "name": "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          },
          {
            "name": "[debian-lts-announce] 20240111 [SECURITY] [DLA 3711-1] linux-5.10 security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6FBCF385-C05A-44CC-AF30-EDA38785D4BD",
                    "versionEndExcluding": "5.16.3",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference."
          },
          {
            "lang": "es",
            "value": "En la funci\u00f3n gc_data_segment en el archivo fs/f2fs/gc.c en el kernel de Linux versiones anteriores a 5.16.3, no son considerados los archivos especiales, conllevando a una desreferencia de puntero NULL de move_data_page"
          }
        ],
        "id": "CVE-2021-44879",
        "lastModified": "2024-01-11T21:15:09.497",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 8.6,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": true
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2022-02-14T12:15:15.697",
        "references": [
          {
            "source": "cve@mitre.org",
            "tags": [
              "Exploit",
              "Issue Tracking",
              "Vendor Advisory"
            ],
            "url": "https://bugzilla.kernel.org/show_bug.cgi?id=215231"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Mailing List",
              "Vendor Advisory"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Mailing List",
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao%40kernel.org/T/"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-476"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2021-44879 In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3 special files are not considered leading to a move_data_page NULL pointer dereference. - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2021-44879.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3 special files are not considered leading to a move_data_page NULL pointer dereference.",
    "tracking": {
      "current_release_date": "2022-02-23T00:00:00.000Z",
      "generator": {
        "date": "2025-10-19T23:18:12.202Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2021-44879",
      "initial_release_date": "2022-02-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2022-02-23T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccm1 kernel 5.10.111.1-1",
                "product": {
                  "name": "\u003ccm1 kernel 5.10.111.1-1",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 kernel 5.10.111.1-1",
                "product": {
                  "name": "cm1 kernel 5.10.111.1-1",
                  "product_id": "18454"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 kernel 5.15.26.1-1",
                "product": {
                  "name": "\u003ccbl2 kernel 5.15.26.1-1",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 kernel 5.15.26.1-1",
                "product": {
                  "name": "cbl2 kernel 5.15.26.1-1",
                  "product_id": "18781"
                }
              }
            ],
            "category": "product_name",
            "name": "kernel"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 kernel 5.10.111.1-1 as a component of CBL Mariner 1.0",
          "product_id": "16820-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 kernel 5.10.111.1-1 as a component of CBL Mariner 1.0",
          "product_id": "18454-16820"
        },
        "product_reference": "18454",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 kernel 5.15.26.1-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 kernel 5.15.26.1-1 as a component of CBL Mariner 2.0",
          "product_id": "18781-17086"
        },
        "product_reference": "18781",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "general",
          "text": "mitre",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "18454-16820",
          "18781-17086"
        ],
        "known_affected": [
          "16820-2",
          "17086-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-44879 In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3 special files are not considered leading to a move_data_page NULL pointer dereference. - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2021-44879.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-02-23T00:00:00.000Z",
          "details": "-:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-2"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2022-02-23T00:00:00.000Z",
          "details": "5.15.26.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.5,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "16820-2",
            "17086-1"
          ]
        }
      ],
      "title": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3 special files are not considered leading to a move_data_page NULL pointer dereference."
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FBCF385-C05A-44CC-AF30-EDA38785D4BD",
              "versionEndExcluding": "5.16.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference."
    },
    {
      "lang": "es",
      "value": "En la funci\u00f3n gc_data_segment en el archivo fs/f2fs/gc.c en el kernel de Linux versiones anteriores a 5.16.3, no son considerados los archivos especiales, conllevando a una desreferencia de puntero NULL de move_data_page"
    }
  ],
  "id": "CVE-2021-44879",
  "lastModified": "2024-11-21T06:31:39.020",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-14T12:15:15.697",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.kernel.org/show_bug.cgi?id=215231"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao%40kernel.org/T/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.kernel.org/show_bug.cgi?id=215231"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao%40kernel.org/T/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0061 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0061.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0061 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0061"
      },
      {
        "category": "external",
        "summary": "AVAYA Security Advisory ASA-2022-028 vom 2022-06-01",
        "url": "https://downloads.avaya.com/css/P8/documents/101082104"
      },
      {
        "category": "external",
        "summary": "OSS-Security Mailing Liste vom 2022-02-13",
        "url": "http://seclists.org/oss-sec/2022/q1/132"
      },
      {
        "category": "external",
        "summary": "OSS-Security Mailing Liste vom 2022-02-13",
        "url": "https://seclists.org/oss-sec/2022/q1/136"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5302-1 vom 2022-02-22",
        "url": "https://ubuntu.com/security/notices/USN-5302-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0615-1 vom 2022-03-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010319.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0619-1 vom 2022-03-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010320.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0660-1 vom 2022-03-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010329.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5092 vom 2022-03-07",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00059.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0757-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010402.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0759-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010392.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0761-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010398.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0767-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010399.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0768-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010395.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0760-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010397.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0766-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010394.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0765-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010400.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0777 vom 2022-03-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:0777"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0755-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010393.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0825 vom 2022-03-10",
        "url": "https://access.redhat.com/errata/RHSA-2022:0825"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-0825 vom 2022-03-11",
        "url": "http://linux.oracle.com/errata/ELSA-2022-0825.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5337-1 vom 2022-03-22",
        "url": "https://ubuntu.com/security/notices/USN-5337-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5338-1 vom 2022-03-22",
        "url": "https://ubuntu.com/security/notices/USN-5338-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1039-1 vom 2022-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010566.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1037-1 vom 2022-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010570.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1038-1 vom 2022-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010567.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5362-1 vom 2022-04-01",
        "url": "https://ubuntu.com/security/notices/USN-5362-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5368-1 vom 2022-04-06",
        "url": "https://ubuntu.com/security/notices/USN-5368-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1257-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010746.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5383-1 vom 2022-04-21",
        "url": "https://ubuntu.com/security/notices/USN-5383-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:1476 vom 2022-04-21",
        "url": "https://access.redhat.com/errata/RHSA-2022:1476"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2520-1 vom 2022-07-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011616.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2615-1 vom 2022-08-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011728.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-3 vom 2024-03-13",
        "url": "https://ubuntu.com/security/notices/USN-6681-3"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3710 vom 2024-01-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3711 vom 2024-01-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-2 vom 2024-03-11",
        "url": "https://www.cybersecurity-help.cz/vdb/SB2024031133"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-2 vom 2024-03-11",
        "url": "https://ubuntu.com/security/notices/USN-6681-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-1 vom 2024-03-07",
        "url": "https://ubuntu.com/security/notices/USN-6681-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5594 vom 2024-01-02",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00001.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-4 vom 2024-03-19",
        "url": "https://ubuntu.com/security/notices/USN-6681-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6716-1 vom 2024-03-26",
        "url": "https://ubuntu.com/security/notices/USN-6716-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-25T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:26:16.410+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-0061",
      "initial_release_date": "2022-02-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-02-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-02-22T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-03-01T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-03-02T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-03-07T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2022-03-08T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE und Red Hat aufgenommen"
        },
        {
          "date": "2022-03-10T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-03-13T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-03-21T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-03-30T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-03-31T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-06T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-19T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-04-20T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-21T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-06-02T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von AVAYA aufgenommen"
        },
        {
          "date": "2022-07-21T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-01T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-01-02T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-01-11T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-03-06T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-11T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-13T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-25T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "25"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Avaya Aura Application Enablement Services",
            "product": {
              "name": "Avaya Aura Application Enablement Services",
              "product_id": "T015516",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Communication Manager",
            "product": {
              "name": "Avaya Aura Communication Manager",
              "product_id": "T015126",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:communication_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Experience Portal",
            "product": {
              "name": "Avaya Aura Experience Portal",
              "product_id": "T015519",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_experience_portal:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Session Manager",
            "product": {
              "name": "Avaya Aura Session Manager",
              "product_id": "T015127",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:session_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura System Manager",
            "product": {
              "name": "Avaya Aura System Manager",
              "product_id": "T015518",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_system_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Avaya"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T006656",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel. In \"move_data_page\" in [fs/f2fs/gc.c] kommt es unter bestimmten Voraussetzungen zu einer NULL-Zeiger-Dereferenzierung. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Serivce zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015519",
          "T015518",
          "2951",
          "T002207",
          "T006656",
          "67646",
          "T015516",
          "T000126",
          "T015127",
          "T015126",
          "T004914"
        ]
      },
      "release_date": "2022-02-13T23:00:00.000+00:00",
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0516",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel. Diese besteht in \"kvm_s390_guest_sida_op\" in der Funktion [arch/s390/kvm/kvm-s390.c] in KVM f\u00fcr s390. Ein lokaler Angreifer mit normalen Benutzerrechten kann diese Schwachstelle ausnutzen, um unerlaubten Speicherschreibzugriff zu erhalten."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T006656",
          "67646",
          "T000126",
          "T004914"
        ]
      },
      "release_date": "2022-02-13T23:00:00.000+00:00",
      "title": "CVE-2022-0516"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0061 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0061.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0061 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0061"
      },
      {
        "category": "external",
        "summary": "AVAYA Security Advisory ASA-2022-028 vom 2022-06-01",
        "url": "https://downloads.avaya.com/css/P8/documents/101082104"
      },
      {
        "category": "external",
        "summary": "OSS-Security Mailing Liste vom 2022-02-13",
        "url": "http://seclists.org/oss-sec/2022/q1/132"
      },
      {
        "category": "external",
        "summary": "OSS-Security Mailing Liste vom 2022-02-13",
        "url": "https://seclists.org/oss-sec/2022/q1/136"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5302-1 vom 2022-02-22",
        "url": "https://ubuntu.com/security/notices/USN-5302-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0615-1 vom 2022-03-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010319.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0619-1 vom 2022-03-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010320.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0660-1 vom 2022-03-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010329.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5092 vom 2022-03-07",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00059.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0757-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010402.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0759-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010392.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0761-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010398.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0767-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010399.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0768-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010395.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0760-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010397.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0766-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010394.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0765-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010400.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0777 vom 2022-03-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:0777"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:0755-1 vom 2022-03-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010393.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0825 vom 2022-03-10",
        "url": "https://access.redhat.com/errata/RHSA-2022:0825"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-0825 vom 2022-03-11",
        "url": "http://linux.oracle.com/errata/ELSA-2022-0825.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5337-1 vom 2022-03-22",
        "url": "https://ubuntu.com/security/notices/USN-5337-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5338-1 vom 2022-03-22",
        "url": "https://ubuntu.com/security/notices/USN-5338-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1039-1 vom 2022-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010566.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1037-1 vom 2022-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010570.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1038-1 vom 2022-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010567.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5362-1 vom 2022-04-01",
        "url": "https://ubuntu.com/security/notices/USN-5362-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5368-1 vom 2022-04-06",
        "url": "https://ubuntu.com/security/notices/USN-5368-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1257-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010746.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5383-1 vom 2022-04-21",
        "url": "https://ubuntu.com/security/notices/USN-5383-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:1476 vom 2022-04-21",
        "url": "https://access.redhat.com/errata/RHSA-2022:1476"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2520-1 vom 2022-07-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011616.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2615-1 vom 2022-08-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011728.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-3 vom 2024-03-13",
        "url": "https://ubuntu.com/security/notices/USN-6681-3"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3710 vom 2024-01-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3711 vom 2024-01-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-2 vom 2024-03-11",
        "url": "https://www.cybersecurity-help.cz/vdb/SB2024031133"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-2 vom 2024-03-11",
        "url": "https://ubuntu.com/security/notices/USN-6681-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-1 vom 2024-03-07",
        "url": "https://ubuntu.com/security/notices/USN-6681-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5594 vom 2024-01-02",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00001.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6681-4 vom 2024-03-19",
        "url": "https://ubuntu.com/security/notices/USN-6681-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6716-1 vom 2024-03-26",
        "url": "https://ubuntu.com/security/notices/USN-6716-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-25T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:26:16.410+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-0061",
      "initial_release_date": "2022-02-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-02-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-02-22T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-03-01T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-03-02T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-03-07T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2022-03-08T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE und Red Hat aufgenommen"
        },
        {
          "date": "2022-03-10T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-03-13T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-03-21T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-03-30T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-03-31T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-06T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-19T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-04-20T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-21T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-06-02T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von AVAYA aufgenommen"
        },
        {
          "date": "2022-07-21T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-01T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-01-02T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-01-11T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-03-06T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-11T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-13T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-25T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "25"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Avaya Aura Application Enablement Services",
            "product": {
              "name": "Avaya Aura Application Enablement Services",
              "product_id": "T015516",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Communication Manager",
            "product": {
              "name": "Avaya Aura Communication Manager",
              "product_id": "T015126",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:communication_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Experience Portal",
            "product": {
              "name": "Avaya Aura Experience Portal",
              "product_id": "T015519",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_experience_portal:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Session Manager",
            "product": {
              "name": "Avaya Aura Session Manager",
              "product_id": "T015127",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:session_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura System Manager",
            "product": {
              "name": "Avaya Aura System Manager",
              "product_id": "T015518",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_system_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Avaya"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T006656",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-44879",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel. In \"move_data_page\" in [fs/f2fs/gc.c] kommt es unter bestimmten Voraussetzungen zu einer NULL-Zeiger-Dereferenzierung. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Serivce zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015519",
          "T015518",
          "2951",
          "T002207",
          "T006656",
          "67646",
          "T015516",
          "T000126",
          "T015127",
          "T015126",
          "T004914"
        ]
      },
      "release_date": "2022-02-13T23:00:00.000+00:00",
      "title": "CVE-2021-44879"
    },
    {
      "cve": "CVE-2022-0516",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel. Diese besteht in \"kvm_s390_guest_sida_op\" in der Funktion [arch/s390/kvm/kvm-s390.c] in KVM f\u00fcr s390. Ein lokaler Angreifer mit normalen Benutzerrechten kann diese Schwachstelle ausnutzen, um unerlaubten Speicherschreibzugriff zu erhalten."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T006656",
          "67646",
          "T000126",
          "T004914"
        ]
      },
      "release_date": "2022-02-13T23:00:00.000+00:00",
      "title": "CVE-2022-0516"
    }
  ]
}

{
  "affected": [],
  "aliases": [
    "CVE-2021-44879"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-14T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
  "id": "GHSA-6vpr-3pgw-5q44",
  "modified": "2024-01-11T21:31:13Z",
  "published": "2022-02-15T00:02:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44879"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.kernel.org/show_bug.cgi?id=215231"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao%40kernel.org/T"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}